Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/mautic/mautic
Mautic: Open Source Marketing Automation Software.
https://github.com/mautic/mautic
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: 3 months ago
GSA_kwCzR0hTQS01aGM1LWZ4cjktNWZyY84AA_rw
Mautic has insufficient authentication in upgrade flowEcosystems: packagist
Packages: mautic/core
Source: github
Published: 3 months ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: 3 months ago
GSA_kwCzR0hTQS04dmZmLTM1cW0tcWp2ds4AA_rk
Mautic allows users enumeration due to weak password loginEcosystems: packagist
Packages: mautic/core
Source: github
Published: 3 months ago
Moderate
Ecosystems: packagist
Packages: mautic/core-lib, mautic/core
Source: github
Published: 3 months ago
GSA_kwCzR0hTQS1xZjZtLTZtNGctcm1yY84AA_rj
Mautic has insufficient authentication in upgrade flowEcosystems: packagist
Packages: mautic/core-lib, mautic/core
Source: github
Published: 3 months ago
Moderate
Ecosystems: packagist
Packages: mautic/core, mautic/core-lib
Source: github
Published: 3 months ago
GSA_kwCzR0hTQS14cGM1LXJyMzktdjh2Ms4AA_ri
Mautic has an XSS in contact tracking and page hits reportEcosystems: packagist
Packages: mautic/core, mautic/core-lib
Source: github
Published: 3 months ago
Moderate
Ecosystems: packagist
Packages: mautic/core-lib, mautic/core
Source: github
Published: 3 months ago
GSA_kwCzR0hTQS03M2dyLTMyd2ctcWhoN84AA_rh
Mautic vulnerable to XSS in contact/company tracking (no authentication)Ecosystems: packagist
Packages: mautic/core-lib, mautic/core
Source: github
Published: 3 months ago
Moderate
Ecosystems: packagist
Packages: mautic/core-lib, mautic/core
Source: github
Published: 3 months ago
GSA_kwCzR0hTQS14djY4LXJybXctOXh3Zs4AA_rg
Mautic vulnerable to Cross-site Scripting (XSS) - stored (edit form HTML field)Ecosystems: packagist
Packages: mautic/core-lib, mautic/core
Source: github
Published: 3 months ago
High
Ecosystems: packagist
Packages: mautic/core, mautic/core-lib
Source: github
Published: 3 months ago
GSA_kwCzR0hTQS14M2p4LTV3Nm0tcTJmY84AA_rI
Mautic vulnerable to Improper Access Control in UI upgrade processEcosystems: packagist
Packages: mautic/core, mautic/core-lib
Source: github
Published: 3 months ago
Critical
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: 7 months ago
GSA_kwCzR0hTQS00MnE3LTk1ajctdzYybc4AA8GE
Mautic is vulnerable to XSS vulnerabilityEcosystems: packagist
Packages: mautic/core
Source: github
Published: 7 months ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
GSA_kwCzR0hTQS1tZ3Y4LXc0OWYtODIyd84AA69_
Mautic: MST-48 Server-Side Request Forgery in Asset sectionEcosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
GSA_kwCzR0hTQS1xangzLTJnMzUtNmh2OM4AA69Z
Mautic Sensitive Data Exposure due to inadequate user permission settingsEcosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
GSA_kwCzR0hTQS1qajZ3LTJjcWctN3A5NM4AA69Y
Mautic SQL Injection in dynamic ReportsEcosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
GSA_kwCzR0hTQS05ZmN4LWN2NTYtdzU4cM4AA69X
Mautic vulnerable to Relative Path Traversal / Arbitrary File Deletion due to GrapesJS builderEcosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
GSA_kwCzR0hTQS1maGN4LWY3amctangzZs4AA68T
Mautic vulnerable to cross-site scripting in notifications via saving DashboardsEcosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
GSA_kwCzR0hTQS0ycmM1LTI3NTUtdjQyMs4AA671
Mautic vulnerable to stored cross-site scripting in description fieldEcosystems: packagist
Packages: mautic/core
Source: github
Published: 8 months ago
Critical
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 2 years ago
GSA_kwCzR0hTQS1wanBjLTg3bXAtNDMzMs4AArNG
Cross-site Scripting vulnerability in Mautic's tracking pixel functionalityEcosystems: packagist
Packages: mautic/core
Source: github
Published: over 2 years ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 2 years ago
GSA_kwCzR0hTQS0zNTh2LWNxamMtMnBjcc4AAXVw
Mautic Cross Site Scripting (XSS) vulnerabilityEcosystems: packagist
Packages: mautic/core
Source: github
Published: over 2 years ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 2 years ago
GSA_kwCzR0hTQS04MjU1LXFmMzQtNDRtcM4AAR1d
Sensitive Cookie Without HttpOnly and Secure FlagEcosystems: packagist
Packages: mautic/core
Source: github
Published: over 2 years ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 2 years ago
GSA_kwCzR0hTQS03dnZoLXhxcTQtdzc3N83zUg
Mautic Cross-Site Request Forgery (CSRF)Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 2 years ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 3 years ago
GSA_kwCzR0hTQS1tajZtLTI0NmgtOXc1Ns0vhQ
Improper regex in htaccess fileEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 3 years ago
Low
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg3ZzItd3JycC1yNmgz
Use of a Broken or Risky Cryptographic AlgorithmEcosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMyaHctM3B2aC12Y3Zj
XSS vulnerability on password reset pageEcosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg2cHYtOTVtai03dzVm
Stored XSS vulnerability on Bounce Management CallbackEcosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTcyaG0tZng3OC14d2hj
XSS vulnerability on contacts viewEcosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJoNXctODJ3aC1qaHI4
XSS vulnerability on asset viewEcosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRoanEtNDIycS00dnB4
Mautic vulnerable to secret data exfiltration via symfony parametersEcosystems: packagist
Packages: mautic/core
Source: github
Published: over 3 years ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA3djQtZ202ai1jdzlt
XSS in MauticEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI5djktMmZweC1qNWc5
CSV Injection vulnerability with exported contact lists in MauticEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTloeDctcmc3dy14bTc5
XSS vulnerability in company name field in MauticEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFqaHItYzIzZi13NzZx
Inline JS XSS vulnerability in MauticEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmeGotcWc5My03d3dj
Mautic Sessions could be hijacked due to tracking contacts by an auto-incremented IDEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
High
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4OTgtZng5ai03Yzc4
Disabled users able to log in with third party SSO pluginEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3NzQtang3bS14Nmh2
XSS vulnerability in theme config file in MauticEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjZjctY2o4cS1wY2pt
XSS vulnerability in Author URL of themes in MauticEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
Moderate
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwZ3ctMmM3Mi00Yzg5
Mautic users able to download any files from server using filemanagerEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
Critical
Ecosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM5d2otajNqYy04NTht
XSS vulnerability leveraged through referrers could allow un-authorized admin access in MauticEcosystems: packagist
Packages: mautic/core
Source: github
Published: almost 4 years ago