Acquia Mautic 2.3.0
Approved changes feed: RSS · Atom
cpe:2.3:a:acquia:mautic:2.3.0:*:*:*:*:*:*:*
part: a version: 2.3.0 update: *
| Vendor | Acquia (15d56acd-23d5-5963-9c0b-96f076249d74) |
|---|---|
| Product | Mautic (543739f1-898e-5ba0-985b-428e8a4ce88d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:drupal/mautic |
purl2cpe | 2026-06-01 10:10:56.118774 |
pkg:github/mautic/mautic |
purl2cpe | 2026-06-01 10:10:56.118776 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-1000490 |
vulnerable | 2026-06-03 14:36:25.621909 |
Details available
Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any authorized Mautic user session (must be logged into Mautic) to use the Filemanager to download any file from the server that the web user has access to.
Published: 2018-01-03T17:00:00.000Z
Updated: 2024-09-16T16:47:37.561Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-1000489 |
vulnerable | 2026-06-03 14:36:25.609479 |
Details available
Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address
Published: 2018-01-03T17:00:00.000Z
Updated: 2024-09-17T00:42:20.126Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-1000488 |
vulnerable | 2026-06-03 14:36:25.597505 |
Details available
Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack when using Mautic forms on a Mautic landing page using GET parameters to pre-populate the form.
Published: 2018-01-03T16:00:00.000Z
Updated: 2024-09-16T23:46:50.151Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.