Mautic versions before 2.13.0 had a vulnerability that allowed a CSV injection with exported contact lists - https://www.owasp.org/index.php/CSV_Injection.
Update to 2.13.0 or later.
None.
If you have any questions or comments about this advisory: * Email us at security@mautic.org
{ "nvd_published_at": null, "github_reviewed_at": "2021-01-19T21:13:01Z", "severity": "MODERATE", "github_reviewed": true, "cwe_ids": [ "CWE-1236" ] }