{"url":"http://public2.vulnerablecode.io/api/packages/57804?format=json","purl":"pkg:composer/mautic/core@3.3.4","type":"composer","namespace":"mautic","name":"core","version":"3.3.4","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.3.5","latest_non_vulnerable_version":"7.0.1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13988?format=json","vulnerability_id":"VCID-h55b-gu47-4kfw","summary":"Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)\nThe function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic ;","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27913","reference_id":"","reference_type":"","scores":[{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.2526","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27913"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mautic/core/CVE-2021-27913.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mautic/core/CVE-2021-27913.yaml"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/d1cad766a2de74e6c6b89d6d78c2a5f2e36ba91c","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/d1cad766a2de74e6c6b89d6d78c2a5f2e36ba91c"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27913","reference_id":"CVE-2021-27913","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27913"},{"reference_url":"https://github.com/advisories/GHSA-x7g2-wrrp-r6h3","reference_id":"GHSA-x7g2-wrrp-r6h3","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x7g2-wrrp-r6h3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57804?format=json","purl":"pkg:composer/mautic/core@3.3.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@3.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/57803?format=json","purl":"pkg:composer/mautic/core@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1kzz-9ysf-u3d2"},{"vulnerability":"VCID-h55b-gu47-4kfw"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-x16f-ftqk-n3e2"},{"vulnerability":"VCID-zb5w-5thk-audh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@4.0.0"}],"aliases":["CVE-2021-27913","GHSA-x7g2-wrrp-r6h3"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h55b-gu47-4kfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13999?format=json","vulnerability_id":"VCID-sna2-5k9z-ayd9","summary":"Cross-site Scripting\nThere is an XSS vulnerability on Mautic's password reset page where a vulnerable parameter `bundle` in the URL could allow an attacker to execute Javascript code. The attacker would be required to convince or trick the target into clicking a password reset URL with the vulnerable parameter utilized.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27909","reference_id":"","reference_type":"","scores":[{"value":"0.18658","scoring_system":"epss","scoring_elements":"0.95387","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27909"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mautic/core/CVE-2021-27909.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mautic/core/CVE-2021-27909.yaml"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/942cb6992df619fdf1c181bfad9e25d5d4178b6f","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/942cb6992df619fdf1c181bfad9e25d5d4178b6f"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-32hw-3pvh-vcvc","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-32hw-3pvh-vcvc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27909","reference_id":"CVE-2021-27909","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27909"},{"reference_url":"https://github.com/advisories/GHSA-32hw-3pvh-vcvc","reference_id":"GHSA-32hw-3pvh-vcvc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-32hw-3pvh-vcvc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57804?format=json","purl":"pkg:composer/mautic/core@3.3.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@3.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/57803?format=json","purl":"pkg:composer/mautic/core@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1kzz-9ysf-u3d2"},{"vulnerability":"VCID-h55b-gu47-4kfw"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-x16f-ftqk-n3e2"},{"vulnerability":"VCID-zb5w-5thk-audh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@4.0.0"}],"aliases":["CVE-2021-27909","GHSA-32hw-3pvh-vcvc"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sna2-5k9z-ayd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13997?format=json","vulnerability_id":"VCID-x24q-c9vj-yucx","summary":"Cross-site Scripting\nMautic is vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can be populated from different sources such as UI, API, 3rd party syncing, forms, etc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27911","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57876","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27911"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mautic/core/CVE-2021-27911.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mautic/core/CVE-2021-27911.yaml"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-72hm-fx78-xwhc","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-72hm-fx78-xwhc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27911","reference_id":"CVE-2021-27911","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27911"},{"reference_url":"https://github.com/advisories/GHSA-72hm-fx78-xwhc","reference_id":"GHSA-72hm-fx78-xwhc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-72hm-fx78-xwhc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57804?format=json","purl":"pkg:composer/mautic/core@3.3.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@3.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/57803?format=json","purl":"pkg:composer/mautic/core@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1kzz-9ysf-u3d2"},{"vulnerability":"VCID-h55b-gu47-4kfw"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-x16f-ftqk-n3e2"},{"vulnerability":"VCID-zb5w-5thk-audh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@4.0.0"}],"aliases":["CVE-2021-27911","GHSA-72hm-fx78-xwhc"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x24q-c9vj-yucx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13989?format=json","vulnerability_id":"VCID-xfj5-74f4-ryfk","summary":"Cross-site Scripting\nInsufficient sanitization / filtering allows for arbitrary JavaScript Injection in Mautic using the bounce management callback function. An attacker with access to the bounce management callback function (identified with the Mailjet webhook, but it is assumed this will work uniformly across all kinds of webhooks) can inject arbitrary JavaScript Code into the `error` and `error_related_to` parameters of the POST request (`POST /mailer/<product / webhook>/callback`). It is noted that there is no authentication needed to access this function. The JavaScript Code is stored permanently in the web application and executed every time an authenticated user views the details page of a single contact / lead in Mautic. This means, arbitrary code can be executed to, e.g., steal or tamper with information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27910","reference_id":"","reference_type":"","scores":[{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.63171","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27910"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mautic/core/CVE-2021-27910.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mautic/core/CVE-2021-27910.yaml"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/e6a405975342f3cf86aa71927618d31d25135fa3","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/e6a405975342f3cf86aa71927618d31d25135fa3"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-86pv-95mj-7w5f","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-86pv-95mj-7w5f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27910","reference_id":"CVE-2021-27910","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27910"},{"reference_url":"https://github.com/advisories/GHSA-86pv-95mj-7w5f","reference_id":"GHSA-86pv-95mj-7w5f","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-86pv-95mj-7w5f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57804?format=json","purl":"pkg:composer/mautic/core@3.3.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@3.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/57803?format=json","purl":"pkg:composer/mautic/core@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1kzz-9ysf-u3d2"},{"vulnerability":"VCID-h55b-gu47-4kfw"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-x16f-ftqk-n3e2"},{"vulnerability":"VCID-zb5w-5thk-audh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@4.0.0"}],"aliases":["CVE-2021-27910","GHSA-86pv-95mj-7w5f"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfj5-74f4-ryfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13992?format=json","vulnerability_id":"VCID-zb5w-5thk-audh","summary":"Cross-site Scripting\nMautic is vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27912","reference_id":"","reference_type":"","scores":[{"value":"0.0069","scoring_system":"epss","scoring_elements":"0.72115","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27912"},{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mautic/core/CVE-2021-27912.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/mautic/core/CVE-2021-27912.yaml"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-rh5w-82wh-jhr8","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-rh5w-82wh-jhr8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27912","reference_id":"CVE-2021-27912","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27912"},{"reference_url":"https://github.com/advisories/GHSA-rh5w-82wh-jhr8","reference_id":"GHSA-rh5w-82wh-jhr8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rh5w-82wh-jhr8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57804?format=json","purl":"pkg:composer/mautic/core@3.3.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@3.3.4"},{"url":"http://public2.vulnerablecode.io/api/packages/57803?format=json","purl":"pkg:composer/mautic/core@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1kzz-9ysf-u3d2"},{"vulnerability":"VCID-h55b-gu47-4kfw"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-x16f-ftqk-n3e2"},{"vulnerability":"VCID-zb5w-5thk-audh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@4.0.0"}],"aliases":["CVE-2021-27912","GHSA-rh5w-82wh-jhr8"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zb5w-5thk-audh"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@3.3.4"}