Mautic Sensitive Data Exposure due to inadequate user permission settings

Impact Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing. Users could potentially access sensitive data such as names and surnames, company names and stage names. Patches Update to 4.4.12 and 5.0.4...

PT-2024-21812 · Mautic +1 · Mautic

Name of the Vulnerable Software and Affected Versions: No specific software name or affected versions are mentioned in the provided descriptions. Description: The issue allows users with low privileges to view certain pages that expose sensitive information, including company names, users' names...

Jenkins Pipeline Aggregator View Plugin stored XSS vulnerability

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names...

CVE-2019-16564

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names...