You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Mautic has insufficient authentication in upgrade flow
Moderate severity
GitHub Reviewed
Published
Sep 18, 2024
in
mautic/mautic
•
Updated Nov 18, 2024
Impact
Mautic allows you to update the application via an upgrade script.
The upgrade logic isn't shielded off correctly, which may lead to vulnerable situation.
This vulnerability is mitigated by the fact that Mautic needs to be installed in a certain way to be vulnerable
Patches
Please upgrade to 4.4.1 or 5.1.1 or later.
Workarounds
None.
For more information
If you have any questions or comments about this advisory:
References