3 matches found
Insecure Direct Object Reference (IDOR)
mautic/core is vulnerable to an Insecure Direct Object Reference IDOR. The vulnerability is due to missing authorization checks in the segment cloning function, which allows authenticated users to clone segments even if they don’t have the necessary permissions...
Sensitive Information Disclosure
mautic/core is vulnerable to Sensitive Information Disclosure. The vulnerability is due to inadequate user permission settings. An attacker can access areas of the application that they should be prevented from accessing by exploiting these settings. This could potentially lead to the access of...
Arbitrary File Download
mautic/core is vulnerable to arbitrary file download. An authenticated user is able to download arbitrary files from the server...