Server-Side Request Forgery (SSRF)

mautic/core is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to a flaw in the Asset section, an authenticated user could read system files and access the internal addresses of the application...

Mautic: MST-48 Server-Side Request Forgery in Asset section

Impact Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery SSRF vulnerability. Patches Update to 4.4.12 or 5.0.4 Workarounds None References -...