GHSA-9fcx-cv56-w58p

Source

https://github.com/advisories/GHSA-9fcx-cv56-w58p

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/04/GHSA-9fcx-cv56-w58p/GHSA-9fcx-cv56-w58p.json

Aliases

CVE-2021-27916

Published

2024-04-12T17:07:12Z

Modified

2024-04-12T17:27:00.597877Z

Details

Impact

Prior to the patched version, logged in users of Mautic are vulnerable to Relative Path Traversal/Arbitrary File Deletion. Regardless of the level of access the Mautic user had, they could delete files other than those in the media folders such as system files, libraries or other important files.

This vulnerability exists in the implementation of the GrapesJS builder in Mautic.

Patches

Update to 4.4.12 or 5.0.4.

Workarounds

References

https://cwe.mitre.org/data/definitions/23.html
https://cwe.mitre.org/data/definitions/22.html
https://attack.mitre.org/techniques/T1630/002/

For more information

If you have any questions or comments about this advisory:

Email us at security@mautic.org

References

Affected packages

Packagist / mautic/core

Package

Name: mautic/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

3.3.0

Fixed

4.4.12

Affected versions

3.*

3.3.0

3.3.1

3.3.2-rc

3.3.2

3.3.3-rc

3.3.3

3.3.4

3.3.5

4.*

4.0.0-alpha1

4.0.0-beta

4.0.0-rc

4.0.0

4.0.1

4.0.2

4.1.0

4.1.1

4.1.2

4.2.0-rc

4.2.0-rc1

4.2.0

4.2.1

4.2.2

4.3.0-beta

4.3.0-rc

4.3.0

4.3.1

4.4.0-beta

4.4.0

4.4.1

4.4.2

4.4.3

4.4.4

4.4.5

4.4.6

4.4.7

4.4.8

4.4.9

4.4.10

4.4.11

Packagist / mautic/core

Package

Name: mautic/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.0.0-alpha

Fixed

5.0.4

Affected versions

5.*

5.0.0-alpha

5.0.0-alpha1

5.0.0-beta1

5.0.0-beta2

5.0.0-rc1

5.0.0-rc2

5.0.0

5.0.1

5.0.2

5.0.3