CVE-2026-9809
Stored XSS in Mautic Projects Component

Publication date: 2026-05-29

Last updated on: 2026-05-29

Assigner: Mautic

Description
A stored Cross-Site Scripting (XSS) vulnerability exists in the Projects component of Mautic 7. When displaying project tags and popovers on administrative detail views (such as campaigns, emails, or forms), user-supplied project names are rendered without proper sanitization. An authenticated user with permissions to create or edit projects can exploit this to inject malicious script payloads. When an administrative user views an entity associated with a compromised project and hovers over its tag, the injected script executes within the context of their active browser session. This could allow an attacker to perform administrative actions on behalf of the victim, alter system configurations, or exfiltrate sensitive data.
Meta Information
Published: 2026-05-29
Last Modified: 2026-05-29
Generated: 2026-06-19
AI Q&A: 2026-05-29
EPSS Evaluated: 2026-06-18
Affected Vendors & Products
Showing 2 associated CPEs

Vendor   Product   Version / Range
mautic   mautic    7.1.2
mautic   mautic    up to 7.1.2 (excluding)
CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Executive Summary

This vulnerability is a stored Cross-Site Scripting (XSS) issue found in the Projects component of Mautic 7. It occurs because user-supplied project names are displayed without proper sanitization on administrative detail views such as campaigns, emails, or forms. An authenticated user who has permission to create or edit projects can inject malicious script payloads into project names.

When an administrative user views an entity associated with a compromised project and hovers over its tag, the injected script executes within their browser session. This allows the attacker to run malicious code in the context of the victim's session.

Impact Analysis

The impact of this vulnerability includes the potential for an attacker to perform administrative actions on behalf of the victim, alter system configurations, or exfiltrate sensitive data. Since the malicious script runs in the context of an administrative user's browser session, it can lead to unauthorized changes and data breaches.

Detection Guidance

The vulnerability involves stored Cross-Site Scripting (XSS) in project names rendered without proper sanitization in Mautic 7's Projects component. Detection involves checking whether any stored project names contain script payloads or HTML markup that would execute when the project tag is hovered over in administrative views.

Since the vulnerability requires an authenticated user with project creation or editing permissions to inject scripts, detection can focus on reviewing project names for suspicious or unexpected script tags or payloads.

There are no specific commands provided in the available resources to detect this vulnerability on your system or network.
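Since the page offers no detection commands, the following is an added example (not Mautic's code and not from this advisory) of the review described above: a small scanner that flags stored project names containing HTML tags, inline event handlers, javascript: URIs or HTML entities, any of which a plain project name should never hold. The project names are constructed for this example; in practice they would come from an export of the projects table.

```javascript
// Added example: review exported project names for markup that a plain
// name should not contain. Sample data below is constructed, not real.

// Patterns that indicate markup or script-like content in a name.
const MARKUP_PATTERNS = [
  { name: "html-tag",       re: /<\s*\/?\s*[a-z][\w-]*[^>]*>/i },
  { name: "event-handler",  re: /\bon[a-z]+\s*=/i },
  { name: "javascript-uri", re: /javascript\s*:/i },
  { name: "html-entity",    re: /&(#\d+|#x[0-9a-f]+|[a-z]+);/i },
];

// Classify a single name: returns which patterns matched, if any.
function inspectProjectName(name) {
  const reasons = MARKUP_PATTERNS
    .filter((p) => p.re.test(name))
    .map((p) => p.name);
  return { name, suspicious: reasons.length > 0, reasons };
}

// Return only the names that need a human look.
function findSuspiciousProjectNames(names) {
  return names.map(inspectProjectName).filter((r) => r.suspicious);
}

// Constructed sample: what an administrator might export from the projects table.
const SAMPLE_PROJECT_NAMES = [
  "Q3 Newsletter",
  "Partner <b>Launch</b>",                          // stray markup, still worth review
  'Webinar <b onmouseover="alert(1)">Hover</b>',    // script-bearing name
  "Sales & Marketing",                              // bare ampersand is fine
  "Onboarding",                                     // "on" without "=" is fine
];

// Stand-alone run: print the names that were flagged and why.
for (const hit of findSuspiciousProjectNames(SAMPLE_PROJECT_NAMES)) {
  console.log(`FLAG ${JSON.stringify(hit.name)} -> ${hit.reasons.join(", ")}`);
}
```

The scanner is deliberately broad: a name with a stray `<b>` is not an exploit, but any markup in a field that is later rendered into a popover deserves review, and the false-positive rate on ordinary project names is low.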

Mitigation Strategies

The vulnerability has been patched in Mautic version 7.1.2. The primary immediate mitigation is to upgrade to this patched version.

If upgrading immediately is not possible, restrict project creation and modification permissions to trusted users only to prevent malicious script injection.
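To show what the fix class looks like, here is an added example (not Mautic's templates, which are Twig, and not the 7.1.2 patch itself): a project tag with a popover rendered once with raw interpolation, the pattern CWE-79 describes, and once with the name HTML-escaped on output. The `renderProjectTag*` functions and the tag markup are assumptions made for this illustration.

```javascript
// Added example: vulnerable versus hardened rendering of a project tag
// whose name is user-controlled. Markup shape is assumed, not Mautic's.

const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Escape the five characters that matter in HTML text and attribute values.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the name goes into the element body and the popover
// attribute unchanged, so markup in the name becomes markup in the page.
function renderProjectTagUnsafe(project) {
  return `<span class="project-tag" data-toggle="popover" ` +
         `data-content="Project: ${project.name}">${project.name}</span>`;
}

// Hardened pattern: escape at the output sink, both in the text node and in
// the attribute, so the name is displayed literally wherever it appears.
function renderProjectTag(project) {
  const safeName = escapeHtml(project.name);
  return `<span class="project-tag" data-toggle="popover" ` +
         `data-content="Project: ${safeName}">${safeName}</span>`;
}

// Stand-alone run with a constructed name that carries markup.
const demo = { name: 'Launch <b onmouseover="alert(1)">Hover</b>' };
console.log("unsafe:", renderProjectTagUnsafe(demo));
console.log("safe:  ", renderProjectTag(demo));
```

One caveat worth checking when reviewing any popover fix: escaping into a `data-*` attribute is only sufficient if the popover library treats the attribute value as text. The browser decodes entities when the attribute is read, so a library configured to render its content as HTML would reinterpret the decoded string, and the escape would have to be applied again at that second sink.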

Compliance Impact

This vulnerability allows an attacker to execute malicious scripts within an administrative user's browser session, potentially enabling unauthorized administrative actions, alteration of system configurations, or exfiltration of sensitive data.

Such unauthorized access and potential data exfiltration could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding sensitive data and ensuring system integrity.

Therefore, if exploited, this vulnerability could compromise the confidentiality and integrity of sensitive information, impacting compliance with these common standards and regulations.
