An issue was discovered in Mautic 2.13.1. There is Stored XSS via the authorUrl field in config.json.
Published September 7, 2019.
Mautic Mautic
