Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address
Upgrade to 2.12.0 or later.
None.
If you have any questions or comments about this advisory:
CPE | Name | Operator | Version |
---|---|---|---|
mautic/core | eq | 2.5.1 | |
mautic/core | eq | 2.11.0 | |
mautic/core | eq | 2.3.0 | |
mautic/core | eq | 2.8.0 | |
mautic/core | eq | 2.9.2 | |
mautic/core | eq | 2.12.0-beta | |
mautic/core | eq | 2.4.0 | |
mautic/core | eq | 2.10.1 | |
mautic/core | eq | 2.7.1 | |
mautic/core | eq | 2.5.0 |