Search for vulnerabilities
| Vulnerability ID | VCID-5dp5-sahm-affj |
| Aliases |
CVE-2022-25777
GHSA-mgv8-w49f-822w |
| Summary | Mautic: MST-48 Server-Side Request Forgery in Asset section Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability. |
| Status | Published |
| Exploitability | None |
| Weighted Severity | None |
| Risk | None |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| There are no known severity scores. | ||
| Reference id | Reference type | URL |
|---|---|---|
| https://github.com/mautic/mautic | ||
| https://github.com/mautic/mautic/commit/b4b4ab5f0613854152ceb7b5e5228acf50648fd0 | ||
| https://github.com/mautic/mautic/commit/c54befd9eaaa49e4fc10a0fe22435c09ef2821b2 | ||
| CVE-2022-25777 | https://nvd.nist.gov/vuln/detail/CVE-2022-25777 | |
| GHSA-mgv8-w49f-822w | https://github.com/advisories/GHSA-mgv8-w49f-822w | |
| GHSA-mgv8-w49f-822w | https://github.com/mautic/mautic/security/advisories/GHSA-mgv8-w49f-822w |
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-06-02T04:47:35.662775+00:00 | GitLab Importer | Import | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/mautic/core/CVE-2022-25777.yml | 38.6.0 |