CVE-2017-1000506: XSS
First published: Fri Feb 09 2018(Updated: )
Mautic version 2.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Company's name that can result in denial of service and execution of javascript code.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mautic Mautic | <=2.11.0 | |
| composer/mautic/core | <=2.11.0 | 2.14.2 |
| <=2.11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Mautic vulnerability?
The vulnerability ID for this Mautic vulnerability is CVE-2017-1000506.
What is the severity of CVE-2017-1000506?
CVE-2017-1000506 has a severity level of medium.
What is the affected version of Mautic?
Mautic version 2.11.0 and earlier are affected by this vulnerability.
What is the potential impact of CVE-2017-1000506?
The vulnerability can result in denial of service and execution of JavaScript code.
Where can I find more information about CVE-2017-1000506?
You can find more information about CVE-2017-1000506 at the following link: https://github.com/mautic/mautic/issues/5222
- collector/nvd-index
- agent/type
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-358v-cqjc-2pcq
- alias/CVE-2017-1000506
- agent/software-canonical-lookup
- agent/weakness
- agent/severity
- agent/references
- agent/description
- agent/author
- agent/softwarecombine
- collector/nvd-cve
- source/NVD
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/tags
- agent/first-publish-date
- agent/trending
- vendor/mautic
- canonical/mautic mautic
- version/mautic mautic/2.11.0
- package-manager/composer