CVE-2022-25775
CVSS V2 None
CVSS V3 None
Description
Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.
The user could retrieve and alter data like sensitive data, login, and depending on database permission the attacker can manipulate file systems.
Overview
- CVE ID
- CVE-2022-25775
- Assigner
- Mautic
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-18T15:01:23.529Z
- Last Modified Date
- 2024-09-18T21:30:23.104Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/mautic/mautic/security/advisories/GHSA-jj6w-2cqg-7p94 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2022-25775 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25775 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-10-06 03:18:22 | Added to TrackCVE |