mautic/core-lib vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the mautic/core-lib package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Missing Authorization	<5.2.6>=6.0.0-alpha, <6.0.2
M Exposure of Sensitive System Information to an Unauthorized Control Sphere	<5.2.6>=6.0.0-alpha, <6.0.2
M Open Redirect	<5.2.6>=6.0.0-alpha, <6.0.2
M Timing Attack	<5.2.6>=6.0.0-alpha, <6.0.2
M Improper Validation of Specified Quantity in Input	<5.2.6>=6.0.0-alpha, <6.0.2
M Incorrect Authorization	<5.2.3>=6.0.0-alpha, <6.0.0-beta
M Directory Traversal	<5.2.3>=6.0.0-alpha, <6.0.0-beta
H Arbitrary Code Injection	<5.2.3>=6.0.0-alpha, <6.0.0-beta
M Missing Authentication for Critical Function	>=1.0.0-beta3, <4.4.13>=5.0.0-alpha, <5.1.1
M Cross-site Scripting (XSS)	>=1.0.0-beta, <4.4.13>=5.0.0-alpha, <5.1.1
H Cross-site Scripting (XSS)	>=1.0.0-beta4, <4.4.13>=5.0.0-alpha, <5.1.1
H Improper Access Control	>=1.1.3, <4.4.13>=5.0.0-alpha, <5.1.1
M Cross-site Scripting (XSS)	>=2.6.0, <4.4.13>=5.0.0-alpha, <5.1.1