Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control Issues Lead to Sensitive Data Exposure in Mautic
Vulnerability Description
Users with low privileges (all permissions deselected in the administrator permissions settings) can view certain pages that expose sensitive information such as company names, users' names and surnames, stage names, and monitoring campaigns and their descriptions. In addition, unprivileged users can see and edit the descriptions of tags. At the time of publication of the CVE no patch is available.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Mautic 安全漏洞
Vulnerability Description
Mautic是一款开源的营销自动化软件。该软件能够监控管理网站、发送电子邮件并管理客户资源。 Mautic存在安全漏洞,该漏洞源于低权限用户可以查看某些暴露敏感信息的页面。
CVSS Information
N/A
Vulnerability Type
N/A