Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.
Users could inject malicious code into the notification when saving Dashboards.
Users could inject malicious code into the notification when saving Dashboards.
Metrics
Affected Vendors & Products
References
History
Tue, 15 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Mon, 23 Sep 2024 23:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Acquia
Acquia mautic |
|
CPEs | cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:* | |
Vendors & Products |
Acquia
Acquia mautic |
Wed, 18 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Sep 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic. Users could inject malicious code into the notification when saving Dashboards. | |
Title | XSS in Notifications via saving Dashboards | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: Mautic
Published:
Updated: 2024-09-18T21:29:02.453Z
Reserved: 2022-02-22T20:17:36.805Z
Link: CVE-2022-25774

Updated: 2024-09-18T17:55:18.581Z

Status : Analyzed
Published: 2024-09-18T15:15:13.253
Modified: 2024-09-23T23:21:35.443
Link: CVE-2022-25774

No data.

No data.