Lucene search
Veracode Vulnerability DatabaseVERACODE:29189HistoryFeb 01, 2021 - 4:38 a.m.
Cross-site Scripting (XSS)
2021-02-0104:38:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.003 Low
EPSS
Percentile
68.9%
mautic/core is vulnerable to cross-site scripting (XSS). The vulnerability exists as an administrator who can create or edit a company through a build form.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mautic/core | le | 2.16.4 | |
| mautic/core | le | 3.2.3 |
References
forum.mautic.org/c/announcements/16
forum.mautic.org/t/security-release-for-all-versions-of-mautic-prior-to-2-16-5-and-3-2-4/17786
github.com/advisories/GHSA-p7v4-gm6j-cw9m
github.com/mautic/mautic/commit/ba31db23e664f889da55a29ff27f797e2ab5cb1b
github.com/mautic/mautic/pull/9588
labs.bishopfox.com/advisories/mautic-version-3.2.2
Related
cve
cve
CVE-2020-35128
2021-01-19 14:15:12
CVE-2021-3142
2021-01-28 06:15:14
prion
prion
Design/Logic Flaw
2021-01-19 14:15:00
cvelist
cvelist
CVE-2020-35128
2021-01-19 13:08:02
github
github
Mautic stored Cross-site Scripting (XSS)
2022-05-24 17:39:28
osv
osv
CVE-2020-35128
2021-01-19 14:15:12
Mautic stored Cross-site Scripting (XSS)
2022-05-24 17:39:28
nvd
nvd
CVE-2020-35128
2021-01-19 14:15:12
CVE-2021-3142
2021-01-28 06:15:14