Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.
Users could inject malicious code into the notification when saving Dashboards.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Sep 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic. Users could inject malicious code into the notification when saving Dashboards. | |
Title | XSS in Notifications via saving Dashboards | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Mautic
Published: 2024-09-18T14:54:36.249Z
Updated: 2024-09-18T21:29:02.453Z
Reserved: 2022-02-22T20:17:36.805Z
Link: CVE-2022-25774
Vulnrichment
Updated: 2024-09-18T17:55:18.581Z
NVD
Status : Received
Published: 2024-09-18T15:15:13.253
Modified: 2024-09-18T15:15:13.253
Link: CVE-2022-25774
Redhat
No data.