Browse all 40 CVE security advisories affecting mautic. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Mautic is an open-source marketing automation platform designed to manage customer relationships through email campaigns, lead scoring, and personalized interactions. Its architecture, primarily built on PHP and Symfony, has historically exposed it to a significant volume of security flaws, currently totaling forty recorded Common Vulnerabilities and Exposures. The most prevalent vulnerability classes include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection, often stemming from insufficient input validation and improper access controls. Privilege escalation issues have also been documented, allowing lower-privileged users to gain administrative access. While the project maintains an active security response team that regularly patches these issues, the sheer number of disclosed CVEs highlights the risks associated with complex, community-driven codebases. Users must prioritize timely updates and strict configuration hardening to mitigate these persistent threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-2731 | Improper Access Control Issues Lead to Sensitive Data Exposure in Mautic — MauticCWE-284 | 5.4 | Medium | 2024-04-10 |
| CVE-2024-2730 | Predictable Page Indexing Might Lead to Sensitive Data Exposure in Mautic — MauticCWE-425 | 5.3 | Medium | 2024-04-10 |
| CVE-2022-25772 | Mautic 跨站脚本漏洞 — MauticCWE-79 | 9.6 | Critical | 2022-06-20 |
| CVE-2021-27914 | Mautic 跨站脚本漏洞 — MauticCWE-79 | 7.6 | High | 2022-06-01 |
| CVE-2021-27909 | XSS vulnerability on password reset page — MauticCWE-79 | 6.3 | Medium | 2021-08-30 |
| CVE-2021-27913 | Use of a Broken or Risky Cryptographic Algorithm — MauticCWE-327 | 3.5 | Low | 2021-08-30 |
| CVE-2021-27912 | XSS vulnerability on asset view — MauticCWE-79 | 7.1 | High | 2021-08-30 |
| CVE-2021-27911 | XSS vulnerability on contacts view — MauticCWE-79 | 8.3 | High | 2021-08-30 |
| CVE-2021-27910 | Stored XSS vulnerability on Bounce Management Callback — MauticCWE-79 | 8.2 | High | 2021-08-30 |
| CVE-2021-27908 | Mautic 注入漏洞 — MauticCWE-200 | 5.8 | Medium | 2021-03-23 |
This page lists every published CVE security advisory associated with mautic. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.