Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mautic before 3.2.4 is affected by stored XSS. An attacker with access to Social Monitoring, an application feature, could attack other users, including administrators. For example, an attacker could load an externally drafted JavaScript file that would allow them to eventually perform actions on the target user’s behalf, including changing the user’s password or email address or changing the attacker’s user role from a low-privileged user to an administrator account.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mautic 跨站脚本漏洞
Vulnerability Description
Mautic是一款开源的营销自动化软件。该软件能够监控管理网站、发送电子邮件并管理客户资源。 Mautic before 3.2.4 存在跨站脚本漏洞,攻击者可利用该漏洞加载外部JavaScript文件,更改受害者的密码或电子邮件地址,或将攻击者的用户角色从低级用户更改为管理员帐户。
CVSS Information
N/A
Vulnerability Type
N/A