CVE-2018-10189 in Mauticالمعلومات

الملخص

بحسب MITRE

An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is possible to systematically emulate tracking cookies per contact due to tracking the contact by their auto-incremented ID. Thus, a third party can manipulate the cookie value with +1 to systematically assume being tracked as each contact in Mautic. It is then possible to retrieve information about the contact through forms that have progressive profiling enabled.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

17/04/2018

إفشاء

17/04/2018

الاعتدال

تمت الموافقة

إدخال

VDB-116293

CPE

جاهز

CWE

CWE-200 (مؤكد)

CVSS

7.5 (NVD)

EPSS

0.00300

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-10189
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-10189
CVE Details	https://www.cvedetails.com/cve/CVE-2018-10189/

التالي ▸نظرة عامة ◂ السابق

Might our Artificial Intelligence support you?

Check our Alexa App!