Cross-Site Scripting (XSS)

2021-01-2014:10:14

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

26.7%

JSON

mautic/core is vulnerable to stored cross-site scripting. An attacker is able to inject arbitrary Javascript on a user’s browser via the authorUrl parameter.

CPENameOperatorVersion
mautic/corele2.13.1

CPE	Name	Operator	Version
	mautic/core	le	2.13.1

References

github.com/advisories/GHSA-29v9-2fpx-j5g9

github.com/mautic/mautic/releases

github.com/mautic/mautic/releases/tag/2.14.0

0.001 Low

EPSS

Percentile

26.7%

JSON

Related for VERACODE:29036