GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9 advisories
Mautic has an Open Redirect vulnerability on user unlock path.
Moderate
CVE-2025-5256
was published
for
mautic/core
(Composer)
May 28, 2025
Mautic segment cloning doesn't have a proper permission check
Moderate
CVE-2024-47055
was published
for
mautic/core
(Composer)
May 28, 2025
Mautic allows user name enumeration due to response time difference on password reset form
Moderate
CVE-2024-47057
was published
for
mautic/core
(Composer)
May 28, 2025
Mautic does not shield .env files from web traffic
Moderate
CVE-2024-47056
was published
for
mautic/core
(Composer)
May 28, 2025
Mautic allows Relative Path Traversal in assets file upload
Moderate
CVE-2022-25773
was published
for
mautic/core
(Composer)
Feb 26, 2025
Mautic allows users enumeration due to weak password login
Moderate
CVE-2024-47059
was published
for
mautic/core
(Composer)
Sep 18, 2024
Mautic has insufficient authentication in upgrade flow
Moderate
CVE-2022-25770
was published
for
mautic/core
(Composer)
Sep 18, 2024
Mautic has an XSS in contact tracking and page hits report
Moderate
CVE-2021-27917
was published
for
mautic/core
(Composer)
Sep 18, 2024
Mautic vulnerable to XSS in contact/company tracking (no authentication)
Moderate
CVE-2024-47050
was published
for
mautic/core
(Composer)
Sep 18, 2024
ProTip!
Advisories are also available from the
GraphQL API