EPSS
Percentile
22.7%
mautic/core is vulnerable to cross-site scripting(XSS) attacks. Insufficient sanitizations for the user inputs in InstallService.php allow remote authenticated attackers to inject and execute malicious javascript.
InstallService.php
github.com/mautic/mautic/commit/c7082fd279eb9928c42ff98b5da5b310de9a958f
github.com/mautic/mautic/commit/d1518c24e45515d710d4e488bc33a14027b64194
github.com/mautic/mautic/security/advisories/GHSA-jrwm-pr9x-cgq3