2 matches found
CVE-2026-9558
A Server-Side Template Injection SSTI vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with permissions to create or upload themes can abuse this to execute arbitrary code on the...
PT-2026-44802
Name of the Vulnerable Software and Affected Versions Mautic affected versions not specified Description A Server-Side Template Injection SSTI issue exists in the theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with...