Acquia Mautic 1.0.0 Beta 3
Approved changes feed: RSS · Atom
cpe:2.3:a:acquia:mautic:1.0.0:beta3:*:*:*:*:*:*
part: a version: 1.0.0 update: beta3
| Vendor | Acquia (15d56acd-23d5-5963-9c0b-96f076249d74) |
|---|---|
| Product | Mautic (543739f1-898e-5ba0-985b-428e8a4ce88d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:drupal/mautic |
purl2cpe | 2026-06-01 10:10:56.118585 |
pkg:github/mautic/mautic |
purl2cpe | 2026-06-01 10:10:56.118586 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-25770 |
vulnerable | 2026-06-03 14:46:40.577373 |
Insufficient authentication in upgrade flow
HIGH (7.8)
Mautic allows you to update the application via an upgrade script.
The upgrade logic isn't shielded off correctly, which may lead to vulnerable situation.
This vulnerability is mitigated by the fact that Mautic needs to be installed in a certain way to be vulnerable.
Published: 2024-09-18T21:26:34.059Z
Updated: 2024-09-19T14:47:14.786Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-27915 |
vulnerable | 2026-06-03 14:44:17.051370 |
XSS Cross-site Scripting Stored (XSS) - Description field
HIGH (7.6)
Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permissions.
This could lead to the user having elevated access to the system.
Published: 2024-09-17T14:02:09.969Z
Updated: 2024-09-17T16:01:29.250Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.