Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability.
Update to 4.4.12 or 5.0.4
None
If you have any questions or comments about this advisory:
Email us at security@mautic.org