You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Inline JS XSS vulnerability in Mautic
Moderate severity
GitHub Reviewed
Published
Jan 19, 2021
in
mautic/mautic
•
Updated Feb 1, 2023
Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack when using Mautic forms on a Mautic landing page using GET parameters to pre-populate the form.
Impact
Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack when using Mautic forms on a Mautic landing page using GET parameters to pre-populate the form.
Patches
Upgrade to 2.12.0 or later.
Workarounds
None
References
https://github.com/mautic/mautic/releases/tag/2.12.0
For more information
If you have any questions or comments about this advisory:
References