Prior to this patch being applied, Mautic's tracking was vulnerable to Cross-Site Scripting through the Page URL variable.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Sep 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Prior to this patch being applied, Mautic's tracking was vulnerable to Cross-Site Scripting through the Page URL variable. | |
Title | XSS in contact/company tracking (no authentication) | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Mautic
Published: 2024-09-18T21:04:46.642Z
Updated: 2024-09-19T15:41:19.126Z
Reserved: 2024-09-17T13:41:00.584Z
Link: CVE-2024-47050
Vulnrichment
Updated: 2024-09-19T15:41:15.384Z
NVD
Status : Received
Published: 2024-09-18T21:15:13.743
Modified: 2024-09-18T21:15:13.743
Link: CVE-2024-47050
Redhat
No data.