{"url":"http://public2.vulnerablecode.io/api/packages/71493?format=json","purl":"pkg:composer/mautic/core@5.0.0","type":"composer","namespace":"mautic","name":"core","version":"5.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"5.2.8","latest_non_vulnerable_version":"7.0.1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/319048?format=json","vulnerability_id":"VCID-1t96-m4w5-pudn","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9822","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20328","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9822"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/882c2c5be646e36f7b91e7c4b24f71aafa617cd5","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/882c2c5be646e36f7b91e7c4b24f71aafa617cd5"},{"reference_url":"https://github.com/mautic/mautic/commit/a310b1933de7cfefec03382a4d8c0d9dbbaa0600","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/a310b1933de7cfefec03382a4d8c0d9dbbaa0600"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-438m-6mhw-hq5w","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:08:49Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-438m-6mhw-hq5w"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9822","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9822"},{"reference_url":"https://github.com/advisories/GHSA-438m-6mhw-hq5w","reference_id":"GHSA-438m-6mhw-hq5w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-438m-6mhw-hq5w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/193511?format=json","purl":"pkg:composer/mautic/core@5.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/193512?format=json","purl":"pkg:composer/mautic/core@6.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@6.0.5"}],"aliases":["CVE-2025-9822","GHSA-438m-6mhw-hq5w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1t96-m4w5-pudn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/309609?format=json","vulnerability_id":"VCID-3fw8-xhj1-8yh9","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5256","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40247","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5256"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-6vx9-9r2g-8373","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T17:57:26Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-6vx9-9r2g-8373"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-5256","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-5256"},{"reference_url":"https://github.com/advisories/GHSA-6vx9-9r2g-8373","reference_id":"GHSA-6vx9-9r2g-8373","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6vx9-9r2g-8373"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/196076?format=json","purl":"pkg:composer/mautic/core@5.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/196077?format=json","purl":"pkg:composer/mautic/core@6.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@6.0.2"}],"aliases":["CVE-2025-5256","GHSA-6vx9-9r2g-8373"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3fw8-xhj1-8yh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/319050?format=json","vulnerability_id":"VCID-55b6-9yw1-byht","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9824","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22908","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9824"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/6bc4f5f1aabb13df12714ad0ea9fc281cbb867c6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/6bc4f5f1aabb13df12714ad0ea9fc281cbb867c6"},{"reference_url":"https://github.com/mautic/mautic/commit/b4264c717ce31fbafafcefc04b02ecb9fb911e62","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/b4264c717ce31fbafafcefc04b02ecb9fb911e62"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-3ggv-qwcp-j6xg","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:45:46Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-3ggv-qwcp-j6xg"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9824","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9824"},{"reference_url":"https://github.com/advisories/GHSA-3ggv-qwcp-j6xg","reference_id":"GHSA-3ggv-qwcp-j6xg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3ggv-qwcp-j6xg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/193511?format=json","purl":"pkg:composer/mautic/core@5.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/193512?format=json","purl":"pkg:composer/mautic/core@6.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@6.0.5"}],"aliases":["CVE-2025-9824","GHSA-3ggv-qwcp-j6xg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-55b6-9yw1-byht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19890?format=json","vulnerability_id":"VCID-5nd5-j87v-qfa1","summary":"Mautic SQL Injection in dynamic Reports\nPrior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.\n\nThe user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25775","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21352","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25775"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/cab65e0acc4f23c4f07c117dee1b69dac5abed3f","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/cab65e0acc4f23c4f07c117dee1b69dac5abed3f"},{"reference_url":"https://github.com/mautic/mautic/commit/e75b1eea16309588f069169b5882cf53f854dbd8","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/e75b1eea16309588f069169b5882cf53f854dbd8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25775","reference_id":"CVE-2022-25775","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25775"},{"reference_url":"https://github.com/advisories/GHSA-jj6w-2cqg-7p94","reference_id":"GHSA-jj6w-2cqg-7p94","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jj6w-2cqg-7p94"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-jj6w-2cqg-7p94","reference_id":"GHSA-jj6w-2cqg-7p94","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-18T17:46:22Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-jj6w-2cqg-7p94"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68577?format=json","purl":"pkg:composer/mautic/core@5.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-9epj-119e-r7b1"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-brjh-e9ew-h7dt"},{"vulnerability":"VCID-hjmh-y2kj-hkfz"},{"vulnerability":"VCID-jcas-dc7u-6ycy"},{"vulnerability":"VCID-khge-xuhx-zbb7"},{"vulnerability":"VCID-kxm5-5dkf-nucr"},{"vulnerability":"VCID-nt2w-eqkm-6uhc"},{"vulnerability":"VCID-pr6h-w2cd-zufv"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-uh3r-4wuu-r7c8"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.0.4"}],"aliases":["CVE-2022-25775","GHSA-jj6w-2cqg-7p94"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5nd5-j87v-qfa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/193522?format=json","vulnerability_id":"VCID-9epj-119e-r7b1","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25773","reference_id":"","reference_type":"","scores":[{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34813","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25773"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/e6aaad99f399c5df1ce6273609920098e5c2564a","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/e6aaad99f399c5df1ce6273609920098e5c2564a"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-4w2w-36vm-c8hf","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:54:09Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-4w2w-36vm-c8hf"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25773","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25773"},{"reference_url":"https://github.com/advisories/GHSA-4w2w-36vm-c8hf","reference_id":"GHSA-4w2w-36vm-c8hf","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4w2w-36vm-c8hf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/194383?format=json","purl":"pkg:composer/mautic/core@5.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.3"}],"aliases":["CVE-2022-25773","GHSA-4w2w-36vm-c8hf"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9epj-119e-r7b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/319047?format=json","vulnerability_id":"VCID-a4qh-wgz5-ufd3","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9821","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15403","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9821"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/6084f6de4c88d1aeb5f6c73ea4fe1b09c98ea52b","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/6084f6de4c88d1aeb5f6c73ea4fe1b09c98ea52b"},{"reference_url":"https://github.com/mautic/mautic/commit/dc5bb1466c9a48fd34768dc8ff5888716b2916ba","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/dc5bb1466c9a48fd34768dc8ff5888716b2916ba"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-hj6f-7hp7-xg69","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:07:29Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-hj6f-7hp7-xg69"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9821","reference_id":"","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9821"},{"reference_url":"https://github.com/advisories/GHSA-hj6f-7hp7-xg69","reference_id":"GHSA-hj6f-7hp7-xg69","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hj6f-7hp7-xg69"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/193511?format=json","purl":"pkg:composer/mautic/core@5.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/193512?format=json","purl":"pkg:composer/mautic/core@6.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@6.0.5"}],"aliases":["CVE-2025-9821","GHSA-hj6f-7hp7-xg69"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a4qh-wgz5-ufd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175191?format=json","vulnerability_id":"VCID-brjh-e9ew-h7dt","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27917","reference_id":"","reference_type":"","scores":[{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63945","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27917"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/550e33562d03363f7592fa9354259787a23a1d98","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/550e33562d03363f7592fa9354259787a23a1d98"},{"reference_url":"https://github.com/mautic/mautic/commit/629165ac905c53bbb44feb5a6dbadb1dfd6d5564","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/629165ac905c53bbb44feb5a6dbadb1dfd6d5564"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27917","reference_id":"CVE-2021-27917","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27917"},{"reference_url":"https://github.com/advisories/GHSA-xpc5-rr39-v8v2","reference_id":"GHSA-xpc5-rr39-v8v2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xpc5-rr39-v8v2"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-xpc5-rr39-v8v2","reference_id":"GHSA-xpc5-rr39-v8v2","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T15:40:34Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-xpc5-rr39-v8v2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82863?format=json","purl":"pkg:composer/mautic/core@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-9epj-119e-r7b1"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-nt2w-eqkm-6uhc"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-uh3r-4wuu-r7c8"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.1.1"}],"aliases":["CVE-2021-27917","GHSA-xpc5-rr39-v8v2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-brjh-e9ew-h7dt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19891?format=json","vulnerability_id":"VCID-chbh-dhsu-w3c3","summary":"Mautic vulnerable to Relative Path Traversal / Arbitrary File Deletion due to GrapesJS builder\nPrior to the patched version, logged in users of Mautic are vulnerable to Relative Path Traversal/Arbitrary File Deletion.  Regardless of the level of access the Mautic user had, they could delete files other than those in the media folders such as system files, libraries or other important files.\n\nThis vulnerability exists in the implementation of the GrapesJS builder in Mautic.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27916","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35572","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27916"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/546045ff9c74dd8b3dac36c4ab3674380262c65a","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/546045ff9c74dd8b3dac36c4ab3674380262c65a"},{"reference_url":"https://github.com/mautic/mautic/commit/95e8df3ae6730c725f1848d70e7992da369518f3","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/95e8df3ae6730c725f1848d70e7992da369518f3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27916","reference_id":"CVE-2021-27916","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27916"},{"reference_url":"https://github.com/advisories/GHSA-9fcx-cv56-w58p","reference_id":"GHSA-9fcx-cv56-w58p","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9fcx-cv56-w58p"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-9fcx-cv56-w58p","reference_id":"GHSA-9fcx-cv56-w58p","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T15:57:12Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-9fcx-cv56-w58p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68577?format=json","purl":"pkg:composer/mautic/core@5.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-9epj-119e-r7b1"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-brjh-e9ew-h7dt"},{"vulnerability":"VCID-hjmh-y2kj-hkfz"},{"vulnerability":"VCID-jcas-dc7u-6ycy"},{"vulnerability":"VCID-khge-xuhx-zbb7"},{"vulnerability":"VCID-kxm5-5dkf-nucr"},{"vulnerability":"VCID-nt2w-eqkm-6uhc"},{"vulnerability":"VCID-pr6h-w2cd-zufv"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-uh3r-4wuu-r7c8"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.0.4"}],"aliases":["CVE-2021-27916","GHSA-9fcx-cv56-w58p"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chbh-dhsu-w3c3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/265312?format=json","vulnerability_id":"VCID-hjmh-y2kj-hkfz","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47058","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40199","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47058"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/344b908ef690283e7d8d3fc5cc1327396a1c3046","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/344b908ef690283e7d8d3fc5cc1327396a1c3046"},{"reference_url":"https://github.com/mautic/mautic/commit/88153a15b3cea331b7036d956b880c69e81a0032","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/88153a15b3cea331b7036d956b880c69e81a0032"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47058","reference_id":"CVE-2024-47058","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47058"},{"reference_url":"https://github.com/advisories/GHSA-xv68-rrmw-9xwf","reference_id":"GHSA-xv68-rrmw-9xwf","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xv68-rrmw-9xwf"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-xv68-rrmw-9xwf","reference_id":"GHSA-xv68-rrmw-9xwf","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T15:42:03Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-xv68-rrmw-9xwf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82863?format=json","purl":"pkg:composer/mautic/core@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-9epj-119e-r7b1"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-nt2w-eqkm-6uhc"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-uh3r-4wuu-r7c8"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.1.1"}],"aliases":["CVE-2024-47058","GHSA-xv68-rrmw-9xwf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hjmh-y2kj-hkfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/341145?format=json","vulnerability_id":"VCID-jcas-dc7u-6ycy","summary":"Duplicate Advisory: Mautic has insufficient authentication in upgrade flow","references":[{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25770","reference_id":"CVE-2022-25770","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25770"},{"reference_url":"https://github.com/advisories/GHSA-5hc5-fxr9-5frc","reference_id":"GHSA-5hc5-fxr9-5frc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5hc5-fxr9-5frc"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-qf6m-6m4g-rmrc","reference_id":"GHSA-qf6m-6m4g-rmrc","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"7.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-qf6m-6m4g-rmrc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82863?format=json","purl":"pkg:composer/mautic/core@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-9epj-119e-r7b1"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-nt2w-eqkm-6uhc"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-uh3r-4wuu-r7c8"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.1.1"}],"aliases":["GHSA-5hc5-fxr9-5frc"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jcas-dc7u-6ycy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/193520?format=json","vulnerability_id":"VCID-khge-xuhx-zbb7","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25770","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53157","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25770"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/73b18e9a434a28e528fe0e3d03620e7367bdcdca","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/73b18e9a434a28e528fe0e3d03620e7367bdcdca"},{"reference_url":"https://github.com/mautic/mautic/commit/aee7bfb7510a83acf178a7f02da9661c040e9abf","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/aee7bfb7510a83acf178a7f02da9661c040e9abf"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25770","reference_id":"CVE-2022-25770","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25770"},{"reference_url":"https://github.com/advisories/GHSA-qf6m-6m4g-rmrc","reference_id":"GHSA-qf6m-6m4g-rmrc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qf6m-6m4g-rmrc"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-qf6m-6m4g-rmrc","reference_id":"GHSA-qf6m-6m4g-rmrc","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T14:47:02Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-qf6m-6m4g-rmrc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82863?format=json","purl":"pkg:composer/mautic/core@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-9epj-119e-r7b1"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-nt2w-eqkm-6uhc"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-uh3r-4wuu-r7c8"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.1.1"}],"aliases":["CVE-2022-25770","GHSA-qf6m-6m4g-rmrc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-khge-xuhx-zbb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/265306?format=json","vulnerability_id":"VCID-kxm5-5dkf-nucr","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47050","reference_id":"","reference_type":"","scores":[{"value":"0.01135","scoring_system":"epss","scoring_elements":"0.7868","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47050"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/0f21a3aa9c896788e1986fae0d7f166fc7a14c30","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/0f21a3aa9c896788e1986fae0d7f166fc7a14c30"},{"reference_url":"https://github.com/mautic/mautic/commit/43db5e492c0ef82c917745849d5b454dbc8ca2c4","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/43db5e492c0ef82c917745849d5b454dbc8ca2c4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47050","reference_id":"CVE-2024-47050","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47050"},{"reference_url":"https://github.com/advisories/GHSA-73gr-32wg-qhh7","reference_id":"GHSA-73gr-32wg-qhh7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-73gr-32wg-qhh7"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-73gr-32wg-qhh7","reference_id":"GHSA-73gr-32wg-qhh7","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T15:41:10Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-73gr-32wg-qhh7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82863?format=json","purl":"pkg:composer/mautic/core@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-9epj-119e-r7b1"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-nt2w-eqkm-6uhc"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-uh3r-4wuu-r7c8"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.1.1"}],"aliases":["CVE-2024-47050","GHSA-73gr-32wg-qhh7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kxm5-5dkf-nucr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19886?format=json","vulnerability_id":"VCID-mqje-8k5c-x3bh","summary":"Mautic: MST-48  Server-Side Request Forgery in Asset section\nPrior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25777","reference_id":"","reference_type":"","scores":[{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40445","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25777"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/b4b4ab5f0613854152ceb7b5e5228acf50648fd0","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/b4b4ab5f0613854152ceb7b5e5228acf50648fd0"},{"reference_url":"https://github.com/mautic/mautic/commit/c54befd9eaaa49e4fc10a0fe22435c09ef2821b2","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/c54befd9eaaa49e4fc10a0fe22435c09ef2821b2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25777","reference_id":"CVE-2022-25777","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25777"},{"reference_url":"https://github.com/advisories/GHSA-mgv8-w49f-822w","reference_id":"GHSA-mgv8-w49f-822w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mgv8-w49f-822w"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-mgv8-w49f-822w","reference_id":"GHSA-mgv8-w49f-822w","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T17:16:39Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-mgv8-w49f-822w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68577?format=json","purl":"pkg:composer/mautic/core@5.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-9epj-119e-r7b1"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-brjh-e9ew-h7dt"},{"vulnerability":"VCID-hjmh-y2kj-hkfz"},{"vulnerability":"VCID-jcas-dc7u-6ycy"},{"vulnerability":"VCID-khge-xuhx-zbb7"},{"vulnerability":"VCID-kxm5-5dkf-nucr"},{"vulnerability":"VCID-nt2w-eqkm-6uhc"},{"vulnerability":"VCID-pr6h-w2cd-zufv"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-uh3r-4wuu-r7c8"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.0.4"}],"aliases":["CVE-2022-25777","GHSA-mgv8-w49f-822w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqje-8k5c-x3bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/265308?format=json","vulnerability_id":"VCID-nt2w-eqkm-6uhc","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47053","reference_id":"","reference_type":"","scores":[{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39552","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47053"},{"reference_url":"https://cwe.mitre.org/data/definitions/287.html","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:43:36Z/"}],"url":"https://cwe.mitre.org/data/definitions/287.html"},{"reference_url":"https://docs.mautic.org/en/5.2/configuration/settings.html#api-settings","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:43:36Z/"}],"url":"https://docs.mautic.org/en/5.2/configuration/settings.html#api-settings"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/9d7ee57c92502ef77cddb091011c5ffef14b11ee","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/9d7ee57c92502ef77cddb091011c5ffef14b11ee"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-8xv7-g2q3-fqgc","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:43:36Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-8xv7-g2q3-fqgc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47053","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47053"},{"reference_url":"https://github.com/advisories/GHSA-8xv7-g2q3-fqgc","reference_id":"GHSA-8xv7-g2q3-fqgc","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8xv7-g2q3-fqgc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/194383?format=json","purl":"pkg:composer/mautic/core@5.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.3"}],"aliases":["CVE-2024-47053","GHSA-8xv7-g2q3-fqgc"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nt2w-eqkm-6uhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/193519?format=json","vulnerability_id":"VCID-pr6h-w2cd-zufv","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25768","reference_id":"","reference_type":"","scores":[{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.59074","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25768"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/89f964d06f00688016b38a56dfd9e95fc676c7ce","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/89f964d06f00688016b38a56dfd9e95fc676c7ce"},{"reference_url":"https://github.com/mautic/mautic/commit/925aeee7d3dbb6ca67f92d9dc5893d99250f739b","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/925aeee7d3dbb6ca67f92d9dc5893d99250f739b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25768","reference_id":"CVE-2022-25768","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25768"},{"reference_url":"https://github.com/advisories/GHSA-x3jx-5w6m-q2fc","reference_id":"GHSA-x3jx-5w6m-q2fc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x3jx-5w6m-q2fc"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-x3jx-5w6m-q2fc","reference_id":"GHSA-x3jx-5w6m-q2fc","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"7.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T15:42:37Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-x3jx-5w6m-q2fc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82863?format=json","purl":"pkg:composer/mautic/core@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-9epj-119e-r7b1"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-nt2w-eqkm-6uhc"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-uh3r-4wuu-r7c8"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.1.1"}],"aliases":["CVE-2022-25768","GHSA-x3jx-5w6m-q2fc"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pr6h-w2cd-zufv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/265311?format=json","vulnerability_id":"VCID-rntf-qccq-h7gg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47057","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47603","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47057"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-424x-cxvh-wq9p","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T18:58:43Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-424x-cxvh-wq9p"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47057","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47057"},{"reference_url":"https://github.com/advisories/GHSA-424x-cxvh-wq9p","reference_id":"GHSA-424x-cxvh-wq9p","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-424x-cxvh-wq9p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/196076?format=json","purl":"pkg:composer/mautic/core@5.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/196077?format=json","purl":"pkg:composer/mautic/core@6.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@6.0.2"}],"aliases":["CVE-2024-47057","GHSA-424x-cxvh-wq9p"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rntf-qccq-h7gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/309610?format=json","vulnerability_id":"VCID-rtzh-qevh-r7ae","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5257","reference_id":"","reference_type":"","scores":[{"value":"0.0046","scoring_system":"epss","scoring_elements":"0.64398","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5257"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-cqx4-9vqf-q3m8","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T23:41:33Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-cqx4-9vqf-q3m8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-5257","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-5257"},{"reference_url":"https://github.com/advisories/GHSA-cqx4-9vqf-q3m8","reference_id":"GHSA-cqx4-9vqf-q3m8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cqx4-9vqf-q3m8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/196076?format=json","purl":"pkg:composer/mautic/core@5.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/196077?format=json","purl":"pkg:composer/mautic/core@6.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@6.0.2"}],"aliases":["CVE-2025-5257","GHSA-cqx4-9vqf-q3m8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rtzh-qevh-r7ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/265310?format=json","vulnerability_id":"VCID-s5u6-kjj4-wqbg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47056","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15604","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47056"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-h2wg-v8wg-jhxh","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T23:45:38Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-h2wg-v8wg-jhxh"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47056","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47056"},{"reference_url":"https://github.com/advisories/GHSA-h2wg-v8wg-jhxh","reference_id":"GHSA-h2wg-v8wg-jhxh","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-h2wg-v8wg-jhxh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/196076?format=json","purl":"pkg:composer/mautic/core@5.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/196077?format=json","purl":"pkg:composer/mautic/core@6.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@6.0.2"}],"aliases":["CVE-2024-47056","GHSA-h2wg-v8wg-jhxh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s5u6-kjj4-wqbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/265309?format=json","vulnerability_id":"VCID-s8yp-uswr-a3hc","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47055","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44518","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47055"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-vph5-ghq3-q782","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-29T19:02:39Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-vph5-ghq3-q782"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47055","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47055"},{"reference_url":"https://github.com/advisories/GHSA-vph5-ghq3-q782","reference_id":"GHSA-vph5-ghq3-q782","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vph5-ghq3-q782"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/196076?format=json","purl":"pkg:composer/mautic/core@5.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/196077?format=json","purl":"pkg:composer/mautic/core@6.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@6.0.2"}],"aliases":["CVE-2024-47055","GHSA-vph5-ghq3-q782"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s8yp-uswr-a3hc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/265307?format=json","vulnerability_id":"VCID-uh3r-4wuu-r7c8","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47051","reference_id":"","reference_type":"","scores":[{"value":"0.01106","scoring_system":"epss","scoring_elements":"0.78395","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47051"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/73b18e9a434a28e528fe0e3d03620e7367bdcdca","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mautic/mautic/commit/73b18e9a434a28e528fe0e3d03620e7367bdcdca"},{"reference_url":"https://github.com/mautic/mautic/commit/75bc488ce98b9c8ec01114984049fc1c42c0cae5","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/75bc488ce98b9c8ec01114984049fc1c42c0cae5"},{"reference_url":"https://github.com/mautic/mautic/commit/aee7bfb7510a83acf178a7f02da9661c040e9abf","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mautic/mautic/commit/aee7bfb7510a83acf178a7f02da9661c040e9abf"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-73gx-x7r9-77x2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T14:29:14Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-73gx-x7r9-77x2"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47051","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47051"},{"reference_url":"https://owasp.org/www-community/attacks/Code_Injection","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T14:29:14Z/"}],"url":"https://owasp.org/www-community/attacks/Code_Injection"},{"reference_url":"https://owasp.org/www-community/attacks/Path_Traversal","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-26T14:29:14Z/"}],"url":"https://owasp.org/www-community/attacks/Path_Traversal"},{"reference_url":"https://github.com/advisories/GHSA-73gx-x7r9-77x2","reference_id":"GHSA-73gx-x7r9-77x2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-73gx-x7r9-77x2"},{"reference_url":"https://github.com/advisories/GHSA-qf6m-6m4g-rmrc","reference_id":"GHSA-qf6m-6m4g-rmrc","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qf6m-6m4g-rmrc"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-qf6m-6m4g-rmrc","reference_id":"GHSA-qf6m-6m4g-rmrc","reference_type":"","scores":[],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-qf6m-6m4g-rmrc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/194383?format=json","purl":"pkg:composer/mautic/core@5.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.3"}],"aliases":["CVE-2024-47051","GHSA-73gx-x7r9-77x2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uh3r-4wuu-r7c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19892?format=json","vulnerability_id":"VCID-v439-j65k-13bf","summary":"Mautic Sensitive Data Exposure due to inadequate user permission settings\nPrior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing.\n\nUsers could potentially access sensitive data such as names and surnames, company names and stage names.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25776","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18294","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25776"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/commit/22bdd0796ca6e1e985708b89ad5c07147630fecd","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/22bdd0796ca6e1e985708b89ad5c07147630fecd"},{"reference_url":"https://github.com/mautic/mautic/commit/2cc4af975fe01c264d439acc1451c936e7114644","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic/commit/2cc4af975fe01c264d439acc1451c936e7114644"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25776","reference_id":"CVE-2022-25776","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25776"},{"reference_url":"https://github.com/advisories/GHSA-qjx3-2g35-6hv8","reference_id":"GHSA-qjx3-2g35-6hv8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qjx3-2g35-6hv8"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-qjx3-2g35-6hv8","reference_id":"GHSA-qjx3-2g35-6hv8","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T15:58:56Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-qjx3-2g35-6hv8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/68577?format=json","purl":"pkg:composer/mautic/core@5.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1t96-m4w5-pudn"},{"vulnerability":"VCID-3fw8-xhj1-8yh9"},{"vulnerability":"VCID-55b6-9yw1-byht"},{"vulnerability":"VCID-9epj-119e-r7b1"},{"vulnerability":"VCID-a4qh-wgz5-ufd3"},{"vulnerability":"VCID-brjh-e9ew-h7dt"},{"vulnerability":"VCID-hjmh-y2kj-hkfz"},{"vulnerability":"VCID-jcas-dc7u-6ycy"},{"vulnerability":"VCID-khge-xuhx-zbb7"},{"vulnerability":"VCID-kxm5-5dkf-nucr"},{"vulnerability":"VCID-nt2w-eqkm-6uhc"},{"vulnerability":"VCID-pr6h-w2cd-zufv"},{"vulnerability":"VCID-rntf-qccq-h7gg"},{"vulnerability":"VCID-rtzh-qevh-r7ae"},{"vulnerability":"VCID-s5u6-kjj4-wqbg"},{"vulnerability":"VCID-s8yp-uswr-a3hc"},{"vulnerability":"VCID-uh3r-4wuu-r7c8"},{"vulnerability":"VCID-wd8h-dskj-tycf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.0.4"}],"aliases":["CVE-2022-25776","GHSA-qjx3-2g35-6hv8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v439-j65k-13bf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/319049?format=json","vulnerability_id":"VCID-wd8h-dskj-tycf","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9823","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25139","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9823"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-9v8p-m85m-f7mm","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T17:32:56Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-9v8p-m85m-f7mm"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9823","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9823"},{"reference_url":"https://github.com/advisories/GHSA-9v8p-m85m-f7mm","reference_id":"GHSA-9v8p-m85m-f7mm","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9v8p-m85m-f7mm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/193511?format=json","purl":"pkg:composer/mautic/core@5.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/193512?format=json","purl":"pkg:composer/mautic/core@6.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@6.0.5"}],"aliases":["CVE-2025-9823","GHSA-9v8p-m85m-f7mm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wd8h-dskj-tycf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/21715?format=json","vulnerability_id":"VCID-x16f-ftqk-n3e2","summary":"Mautic user without privileged access to the Marketplace can install and uninstall composer packages\nA non privileged user can install and remove arbitrary packages via composer for a composer based installed, even if the flag in update settings for enable composer based update is unticked.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13828","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19752","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13828"},{"reference_url":"https://github.com/mautic/mautic","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mautic/mautic"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13828","reference_id":"CVE-2025-13828","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-13828"},{"reference_url":"https://github.com/advisories/GHSA-3fq7-c5m8-g86x","reference_id":"GHSA-3fq7-c5m8-g86x","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3fq7-c5m8-g86x"},{"reference_url":"https://github.com/mautic/mautic/security/advisories/GHSA-3fq7-c5m8-g86x","reference_id":"GHSA-3fq7-c5m8-g86x","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"9.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-02T17:11:56Z/"}],"url":"https://github.com/mautic/mautic/security/advisories/GHSA-3fq7-c5m8-g86x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/71496?format=json","purl":"pkg:composer/mautic/core@5.2.9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.2.9"},{"url":"http://public2.vulnerablecode.io/api/packages/71497?format=json","purl":"pkg:composer/mautic/core@6.0.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@6.0.7"}],"aliases":["CVE-2025-13828","GHSA-3fq7-c5m8-g86x"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x16f-ftqk-n3e2"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mautic/core@5.0.0"}