GHSA-5hc5-fxr9-5frc: Duplicate Advisory: Mautic has insufficient authentication in upgrade flow
(updated )
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-qf6m-6m4g-rmrc. This link is maintained to preserve external references.
Original Description
Mautic allows you to update the application via an upgrade script.
The upgrade logic isn’t shielded off correctly, which may lead to vulnerable situation.
This vulnerability is mitigated by the fact that Mautic needs to be installed in a certain way to be vulnerable.
References
Detect and mitigate GHSA-5hc5-fxr9-5frc with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →