Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permissions.
This could lead to the user having elevated access to the system.
References
Configurations
No configuration.
History
17 Sep 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-17 14:15
Updated : 2024-09-17 14:15
NVD link : CVE-2021-27915
Mitre link : CVE-2021-27915
CVE.ORG link : CVE-2021-27915
JSON object : View
Products Affected
No product.
CWE
CWE-80
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)