Prior to this patch being applied, Mautic's tracking was vulnerable to Cross-Site Scripting through the Page URL variable.
Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report.
Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permissi
Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.
Users could inject malicious code into the notification when sav
A stored Cross-Site Scripting (XSS) vulnerability exists in the Projects component of Mautic 7. When displaying project tags and popovers on administrative detail views (such as campaigns, emails, or
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Plausible tracking allows Cross-Site Scripting (XSS).This issue affects Plausible tracking:
The Tracking Code Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the tracking code field in all versions up to, and including, 2.3.0 due to insufficient input sanitizati
With access to edit a Mautic form, the attacker can add Cross-Site Scripting stored in the html filed. This could be used to steal sensitive information from the user's current session.
A stored Cross-Site Scripting (XSS) vulnerability exists in the project selector component of Mautic 7. When rendering selection menus for associating projects with system entities, the application fa
A vulnerability has been found in SourceCodester Online Graduate Tracer System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /tracking/admin
Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability.
This advisory addresses two critical security vulnerabilities present in Mautic versions before 5.2.3. These vulnerabilities could be exploited by authenticated users.
* Remote Code Execution (RCE
A security vulnerability has been detected in MaxSite CMS up to 109.3. Affected by this issue is some unknown functionality of the component mail_send Plugin. The manipulation of the argument f_subjec
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 17track 17TRACK for WooCommerce 17track allows Reflected XSS.This issue affects 17TRACK for WooCom
A vulnerability classified as problematic has been found in SourceCodester Tracking Monitoring Management System 1.0. This affects an unknown part of the file /ajax.php. The manipulation leads to cros
A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument f_all/f_all404 results in cross site scripting.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mahesh_9696 Mitm Bug Tracker mitm-bug-tracker allows Reflected XSS.This issue affects Mitm Bug Tra
A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product P
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bitsstech Shipment Tracker for Woocommerce shipment-tracker-for-woocommerce allows Reflected XSS.T
A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /panel/edit-customer-detailed.php
Page 1+ Next →