CNNVD-202512-206 Information

CNNVD ID

CNNVD-202512-206

Related CVE

CVE-2025-13828

• CNNVD Published: 2025-12-02

Description (Chinese)

Mautic是Mautic开源的一款开源的营销自动化软件。该软件能够监控管理网站、发送电子邮件并管理客户资源。 Mautic存在安全漏洞，该漏洞源于非特权用户可通过composer安装和移除任意包，可能导致低权限用户安装恶意代码获取更高权限。

Description (English)

Mautic is an open source marketing automation software. The software is capable of monitoring and managing the website, sending e-mails and managing client resources. There is a security loophole in Mautic, which stems from the fact that non-privileged users can install and remove random packages through coposer, which may lead to low-licensed users having higher privileges by installing malicious codes.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mautic

Published

2025-12-02

Last Modified

2026-02-24

References

https://github.com/mautic/mautic/security/advisories/GHSA-3fq7-c5m8-g86x

Patch

https://mautic.org/download/