EPSS
Percentile
55.4%
mautic/core is vulnerable to authentication bypass. An OAuth2 auth plugin added for API access is able to allow a disabled user to still login using email address.
github.com/advisories/GHSA-6x98-fx9j-7c78
github.com/mautic/mautic/releases/tag/2.12.0