CVE-2021-27912

CVE-2021-27912

Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets.

Source: CVE-2021-27912

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다