Reflected Cross-Site Scripting (XSS) Vulnerability | |||
Severity: Medium | CVSS Score: 5.4 | CWE-ID: CWE-79 | Status: Not Fixed |
Vulnerability Description | |||
The application Mautic is affected by a reflected Cross-Site Scripting (XSS) vulnerability affecting version 2.16.2 and probably prior versions. These vulnerabilities could allow remote authenticated attackers to inject arbitrary web script or HTML. | |||
CVSS Base Score | |||
Attack Vector | Network | Scope | Changed |
Attack Complexity | Low | Confidentiality Impact | Low |
Privileges Required | Low | Integrity Impact | Low |
User Interaction | Required | Availability Impact | None |
Full details about the vulnerability will be disclosed once the vendor has provided a patch.