With access to edit a Mautic form, the attacker can add Cross-Site Scripting stored in the html filed. This could be used to steal sensitive information from the user's current session.
Metrics
Affected Vendors & Products
References
History
Fri, 27 Sep 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Acquia
Acquia mautic |
|
CPEs | cpe:2.3:a:acquia:mautic:*:*:*:*:*:*:*:* | |
Vendors & Products |
Acquia
Acquia mautic |
Thu, 19 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Sep 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | With access to edit a Mautic form, the attacker can add Cross-Site Scripting stored in the html filed. This could be used to steal sensitive information from the user's current session. | |
Title | Cross-site Scripting (XSS) - stored (edit form HTML field) | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Mautic
Published: 2024-09-18T21:00:28.950Z
Updated: 2024-09-19T15:42:11.246Z
Reserved: 2024-09-17T13:41:00.585Z
Link: CVE-2024-47058
Vulnrichment
Updated: 2024-09-19T15:42:08.169Z
NVD
Status : Analyzed
Published: 2024-09-18T21:15:13.923
Modified: 2024-09-27T15:31:30.917
Link: CVE-2024-47058
Redhat
No data.