Vulnerabilities

CVE-2025-13828

by Fred · 02/12/2025

SummaryA non privileged user can install and remove arbitrary packages via composer for a composer based installed, even if the flag in update settings for enable composer based update is unticked.

ImpactA low-privileged user of the platform can install malicious code to obtain higher privileges.

More information : https://github.com/mautic/mautic/security/advisories/GHSA-3fq7-c5m8-g86x

Similar

Tags: Cybersecurity Alert