GHSA-8vff-35qm-qjvv: Mautic allows users enumeration due to weak password login

GHSA-qf6m-6m4g-rmrc: Mautic has insufficient authentication in upgrade flow

GHSA-xpc5-rr39-v8v2: Mautic has an XSS in contact tracking and page hits report

GHSA-73gr-32wg-qhh7: Mautic vulnerable to XSS in contact/company tracking (no authentication)

GHSA-xv68-rrmw-9xwf: Mautic vulnerable to Cross-site Scripting (XSS) - stored (edit form HTML field)

Hutool v5.8.17 and below was discovered to contain an information disclosure vulnerability via the `File.createTempFile()` function at `/core/io/FileUtil.java`.

**Insecure Temporary File in HuTool**

Moderate severity GitHub Reviewed Published Jun 13, 2023 to the GitHub Advisory Database • Updated Jun 14, 2023

Headline

GHSA-7mcw-xmx3-7p8m: Insecure Temporary File in HuTool

Related news

ghsa: Latest News