Описание
Mautic has insufficient authentication in upgrade flow
Impact
Mautic allows you to update the application via an upgrade script.
The upgrade logic isn't shielded off correctly, which may lead to vulnerable situation.
This vulnerability is mitigated by the fact that Mautic needs to be installed in a certain way to be vulnerable
Patches
Please upgrade to 4.4.1 or 5.1.1 or later.
Workarounds
None.
For more information
If you have any questions or comments about this advisory:
- Email us at security@mautic.org
Пакеты
mautic/core
>= 1.0.0-beta3, < 4.4.13
4.4.13
mautic/core
>= 5.0.0-alpha, < 5.1.1
5.1.1
mautic/core-lib
>= 1.0.0-beta3, < 4.4.13
4.4.13
mautic/core-lib
>= 5.0.0-alpha, < 5.1.1
5.1.1
Связанные уязвимости
Mautic allows you to update the application via an upgrade script. The upgrade logic isn't shielded off correctly, which may lead to vulnerable situation. This vulnerability is mitigated by the fact that Mautic needs to be installed in a certain way to be vulnerable.