Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acquia vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-27910
Insufficient sanitization / filtering allows for arbitrary JavaScript Injection in Mautic using the bounce management callback function. The values submitted in the "error" and "error_related_to" parameters of the POST request of the bounce management callback...
Acquia Mautic
Acquia Mautic 4.0.0
605
VMScore
CVE-2020-35124
A cross-site scripting (XSS) vulnerability in the assets component of Mautic prior to 3.2.4 allows remote malicious users to inject executable JavaScript through the Referer header of asset downloads.
Acquia Mautic
605
VMScore
CVE-2020-35125
A cross-site scripting (XSS) vulnerability in the forms component of Mautic prior to 3.2.4 allows remote malicious users to inject executable JavaScript via mautic[return] (a different attack method than CVE-2020-35124, but also related to the Referer concept).
Acquia Mautic
534
VMScore
CVE-2020-35128
Mautic prior to 3.2.4 is affected by stored XSS. An attacker with permission to manage companies, an application feature, could attack other users, including administrators. For example, by loading an externally crafted JavaScript file, an attacker could eventually perform action...
Acquia Mautic
187
VMScore
CVE-2021-27908
In all versions prior to Mautic 3.3.2, secret parameters such as database credentials could be exposed publicly by an authorized admin user through leveraging Symfony parameter syntax in any of the free text fields in Mautic’s configuration that are used in publicly facing ...
Acquia Mautic
383
VMScore
CVE-2022-25772
A cross-site scripting (XSS) vulnerability in the web tracking component of Mautic prior to 4.3.0 allows remote malicious users to inject executable javascript
Acquia Mautic
312
VMScore
CVE-2021-27914
A cross-site scripting (XSS) vulnerability in the installer component of Mautic prior to 4.3.0 allows admins to inject executable javascript
Acquia Mautic
605
VMScore
CVE-2017-8874
Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote malicious users to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts.
Acquia Mautic 1.4.1
383
VMScore
CVE-2018-11200
An issue exists in Mautic 2.13.1. It has Stored XSS via the company name field.
Acquia Mautic 2.13.1
383
VMScore
CVE-2018-11198
An issue exists in Mautic 2.13.1. There is Stored XSS via the authorUrl field in config.json.
Acquia Mautic 2.13.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »