mautic/core is vulnerable to cross-site scripting. An attacker is able to inject arbitrary Javascript in a user’s browser which could potentially result in the attacker gaining administrator privilege.
CPE | Name | Operator | Version |
---|---|---|---|
mautic/core | le | 2.16.4 | |
mautic/core | le | 3.2.3 |