Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permissions.
This could lead to the user having elevated access to the system.
History
Mon, 14 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics | epss | epss |
Sun, 29 Sep 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | Acquia, Acquia mautic | |
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:* cpe:2.3:a:acquia:mautic:1.0.0:-:*:*:*:*:*:* cpe:2.3:a:acquia:mautic:1.0.0:beta2:*:*:*:*:*:* cpe:2.3:a:acquia:mautic:1.0.0:beta3:*:*:*:*:*:* cpe:2.3:a:acquia:mautic:1.0.0:beta4:*:*:*:*:*:* cpe:2.3:a:acquia:mautic:1.0.0:rc1:*:*:*:*:*:* cpe:2.3:a:acquia:mautic:1.0.0:rc2:*:*:*:*:*:* cpe:2.3:a:acquia:mautic:1.0.0:rc3:*:*:*:*:*:* cpe:2.3:a:acquia:mautic:1.0.0:rc4:*:*:*:*:*:* | |
Vendors & Products | Acquia, Acquia mautic | |
Tue, 17 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | Mautic, Mautic mautic | |
CPEs | cpe:2.3:a:mautic:mautic:-:*:*:*:*:*:*:* | |
Vendors & Products | Mautic, Mautic mautic | |
Metrics | ssvc | |
Tue, 17 Sep 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permissions. This could lead to the user having elevated access to the system. | |
Title | XSS Cross-site Scripting Stored (XSS) - Description field | |
Weaknesses | CWE-80 | |
References | | |
Metrics | cvssV3_1 | |

Status: PUBLISHED
Assigner: Mautic
Published:
Updated: 2024-09-17T16:01:29.250Z
Reserved: 2021-03-02T15:53:50.859Z
Link: CVE-2021-27915

Updated: 2024-09-17T16:00:44.787Z

Status : Analyzed
Published: 2024-09-17T14:15:14.100
Modified: 2024-09-29T00:22:31.787
Link: CVE-2021-27915