3 matches found
CVE-2020-35124
A cross-site scripting XSS vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads...
CVE-2020-35124
A cross-site scripting XSS vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads...
CVE-2020-35124
CVE-2020-35124 affects Mautic (assets component) before 3.2.4, where an XSS can be injected via the Referer header of asset downloads. Impact: executable JavaScript could run in the context of affected users. A fix is to update to 3.2.4 or later per multiple risk databases/advisories. Exploitatio...