10 matches found
EUVD-2024-2895
Malicious code in bioql PyPI...
CVE-2021-27917
Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report...
CVE-2021-27917
Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report...
Mautic has an XSS in contact tracking and page hits report
Summary Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report. Patches Please update to 4.4.13 or 5.1.1 or later. Workarounds None References https://owasp.org/www-project-top-ten/2017/A72017-Cross-SiteScriptingXSS...
GHSA-XPC5-RR39-V8V2 Mautic has an XSS in contact tracking and page hits report
Summary Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report. Patches Please update to 4.4.13 or 5.1.1 or later. Workarounds None References https://owasp.org/www-project-top-ten/2017/A72017-Cross-SiteScriptingXSS...
CVE-2021-27917 XSS in contact tracking and page hits report
Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report...
CVE-2021-27917 XSS in contact tracking and page hits report
Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report...
CVE-2021-27917
CVE-2021-27917 documents a stored XSS vulnerability in Mautic’s contact tracking and page hits report. Affected component: mautic/core (and related mautic/core-lib in one entry) with unsafe handling of user input that can be stored and later executed in a user’s browser. Root cause centers on ins...
PT-2024-10913 · Mautic · Mautic
Name of the Vulnerable Software and Affected Versions: Mautic versions prior to 4.4.13 Mautic versions prior to 5.1.1 Description: A stored XSS issue existed in the contact tracking and page hits report, allowing for potential malicious script execution. Recommendations: For versions prior to...
CVE-2022-4132
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way repeatedly hitting the login page...