Cross-Site Scripting (XSS)

2021-01-2017:09:21

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

34.2%

JSON

mautic/core is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization on the GET parameters when pre-populating the form.

CPENameOperatorVersion
mautic/corele2.11.0

CPE	Name	Operator	Version
	mautic/core	le	2.11.0

References

github.com/advisories/GHSA-qjhr-c23f-w76q

github.com/mautic/mautic/releases/tag/2.12.0

0.001 Low

EPSS

Percentile

34.2%

JSON

Related for VERACODE:29048