Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permissions. This could lead to the user having elevated access to the system.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| mautic/core(Packagist) | 1.0.0-beta2 | 4.4.12 | N/A |
CVSS Metrics
