CVE-2022-25770

Published Sep 18, 2024

Last updated 2 months ago

Overview

Description
Mautic allows you to update the application via an upgrade script. The upgrade logic isn't shielded off correctly, which may lead to a vulnerable situation. This vulnerability is mitigated by the fact that Mautic needs to be installed in a certain way to be vulnerable.
Source: security@mautic.org
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 7.8
Impact score: 5.8
Exploitability score: 1.4
Vector string: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
Severity: HIGH

Weaknesses

security@mautic.org
CWE-306
