3 matches found
CVE-2021-27909
creationtimestamp| type| source ---|---|--- 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-27909.yaml...
CVE-2021-27909
CVE-2021-27909 affects Mautic prior to 3.3.4 (and up to 4.0.0) with an XSS vulnerability on the password reset page. The issue is triggered via the vulnerable URL parameter “bundle”; an attacker can inject arbitrary JavaScript when a target clicks a crafted password reset link, potentially leadin...
CVE-2021-27909 XSS vulnerability on password reset page
For Mautic versions prior to 3.3.4/4.0.0, there is an XSS vulnerability on Mautic's password reset page where a vulnerable parameter, "bundle," in the URL could allow an attacker to execute Javascript code. The attacker would be required to convince or trick the target into clicking a password...