Impact
Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability.
Patches
Update to 4.4.12 or 5.0.4
Workarounds
None
References
If you have any questions or comments about this advisory:
Email us at security@mautic.org
lenonleite Remediation developer
Impact
Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability.
Patches
Update to 4.4.12 or 5.0.4
Workarounds
None
References
If you have any questions or comments about this advisory:
Email us at security@mautic.org