2 matches found
CVE-2017-1000489
Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address...
CVE-2017-1000489
The CVE-2017-1000489 entry concerns Mautic versions 2.0.0–2.11.0 with an installed SSO plugin, where a disabled user could still log in using an email address. Concrete details across connected sources indicate an authentication bypass vector via the SSO integration, affecting the login flow rath...