Zhenwarx

Name of the Vulnerable Software and Affected Versions: Mautic versions prior to 3.3.4 Mautic versions prior to 4.0.0 Description: There is an issue with Mautic's password reset page where a vulnerable parameter, `bundle`, in the URL could allow an attacker to execute Javascript code. The attacker would need to convince or trick the target into clicking a password reset URL with the vulnerable parameter utilized. Recommendations: For versions prior to 3.3.4, upgrade to 3.3.4 or a later version. For versions prior to 4.0.0, upgrade to 4.0.0 or a later version.