Lucene search
PRIOn knowledge basePRION:CVE-2021-27909HistoryAug 30, 2021 - 4:15 p.m.
Cross site scripting
2021-08-3016:15:00
PRIOn knowledge base
www.prio-n.com
1
0.001 Low
EPSS
Percentile
42.0%
For Mautic versions prior to 3.3.4/4.0.0, there is an XSS vulnerability on Mautic’s password reset page where a vulnerable parameter, “bundle,” in the URL could allow an attacker to execute Javascript code. The attacker would be required to convince or trick the target into clicking a password reset URL with the vulnerable parameter utilized.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mautic | eq | 4.0.0 alpha1 | |
| mautic | eq | 4.0.0 beta | |
| mautic | lt | 3.3.4 | |
| mautic | eq | 4.0.0 rc |
Related
osv
osv
CVE-2021-27909
2021-08-30 16:15:07
XSS vulnerability on password reset page
2021-09-01 18:40:56
nvd
nvd
CVE-2021-27909
2021-08-30 16:15:07
nuclei
nuclei
Mautic <3.3.4 - Cross-Site Scripting
2022-10-13 09:55:31
cnvd
cnvd
Mautic Cross-Site Scripting Vulnerability (CNVD-2021-70088)
2021-09-01 00:00:00
cvelist
cvelist
CVE-2021-27909 XSS vulnerability on password reset page
2021-08-30 00:00:00
friendsofphp
friendsofphp
XSS vulnerability on password reset page
1970-01-01 00:00:00
cve
cve
CVE-2021-27909
2021-08-30 16:15:07
github
github
XSS vulnerability on password reset page
2021-09-01 18:40:56