CVE-2018-10189 in Mauticinfo

Zusammenfassung

von MITRE

An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It is possible to systematically emulate tracking cookies per contact due to tracking the contact by their auto-incremented ID. Thus, a third party can manipulate the cookie value with +1 to systematically assume being tracked as each contact in Mautic. It is then possible to retrieve information about the contact through forms that have progressive profiling enabled.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

17.04.2018

Veröffentlichung

17.04.2018

Moderieren

akzeptiert

Eintrag

VDB-116293

CPE

bereit

CWE

CWE-200 (bestätigt)

CVSS

7.5 (NVD)

EPSS

0.00300

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2018-10189
NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-10189
CVE Details	https://www.cvedetails.com/cve/CVE-2018-10189/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!