
We found results for “”
CVE-2025-9822
Good to know:

Date: September 3, 2025
SummaryA user with administrator rights can change the configuration of the mautic application and extract secrets that are not normally available. ImpactAn administrator who usually does not have access to certain parameters, such as database credentials, can disclose them.
Severity Score
Related Resources (6)
Severity Score
Weakness Type (CWE)
Unverified Ownership
CWE-283Top Fix

Upgrade Version
Upgrade to version mautic/core - 4.4.17;mautic/core - 5.2.8;mautic/core - 6.0.5
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |