PT-2025-23102 · Mautic · Mautic

John Linhart +2 · Published 2025-05-28 · Updated 2025-05-30 · CVE-2025-5257

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Name of the Vulnerable Software and Affected Versions

Mautic (affected versions not specified)

Description

The issue concerns unauthorized access to unpublished page previews in Mautic, which could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information. The page preview functionality for unpublished content, accessible via predictable URLs (e.g., "/page/preview/1", "/page/preview/2"), lacked proper authorization checks, allowing any unauthenticated user to view content not yet intended for public release.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
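
A defender-side check for the exposure described above, as an added example that is not part of the original advisory or of Mautic's code: it scans web access logs for successful requests to the `/page/preview/<id>` URLs and reports search-engine crawler fetches and clients that walked several IDs. The combined log format, the `review_preview_access` name, the `min_ids` threshold, the crawler pattern and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed combined log format:
# ip - user [time] "METHOD path PROTO" status size "referer" "agent"
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<agent>[^"]*)"'
)
# Preview URL shape taken from the advisory: /page/preview/<numeric id>
PREVIEW = re.compile(r'^/page/preview/(\d+)(?:[/?#]|$)')
# Heuristic crawler match on the User-Agent (assumption, not exhaustive)
CRAWLER = re.compile(r'bot|crawl|spider|slurp', re.I)

def review_preview_access(lines, min_ids=3):
    """Report served preview pages fetched by crawlers or enumerated by one client."""
    ids_by_client = defaultdict(set)
    crawler_hits = []
    for line in lines:
        m = LINE.match(line)
        if not m or m['status'] != '200':
            continue  # only content that was actually served matters
        p = PREVIEW.match(m['path'])
        if not p:
            continue
        page_id = int(p.group(1))
        ids_by_client[m['ip']].add(page_id)
        if CRAWLER.search(m['agent']):
            crawler_hits.append((m['ip'], page_id))  # draft may now be indexed
    enumerators = {ip: sorted(ids) for ip, ids in ids_by_client.items()
                   if len(ids) >= min_ids}
    return {"crawler_hits": crawler_hits, "enumerators": enumerators}

# Constructed sample log lines (documentation IP ranges, hypothetical host)
SAMPLE_LOG = [
    '203.0.113.7 - - [29/May/2025:10:00:01 +0000] "GET /page/preview/1 HTTP/1.1" 200 5120 "-" "curl/8.5.0"',
    '203.0.113.7 - - [29/May/2025:10:00:02 +0000] "GET /page/preview/2 HTTP/1.1" 200 4096 "-" "curl/8.5.0"',
    '203.0.113.7 - - [29/May/2025:10:00:03 +0000] "GET /page/preview/3 HTTP/1.1" 404 312 "-" "curl/8.5.0"',
    '203.0.113.7 - - [29/May/2025:10:00:04 +0000] "GET /page/preview/4 HTTP/1.1" 200 6001 "-" "curl/8.5.0"',
    '198.51.100.20 - - [29/May/2025:11:12:40 +0000] "GET /page/preview/2 HTTP/1.1" 200 4096 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"',
    '192.0.2.10 - - [29/May/2025:12:30:00 +0000] "GET /page/preview/2?x=1 HTTP/1.1" 200 4096 "https://mautic.example/s/pages" "Mozilla/5.0"',
    '192.0.2.10 - - [29/May/2025:12:31:00 +0000] "GET /s/pages/edit/2 HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(review_preview_access(SAMPLE_LOG))
```

Any page ID that shows up in `crawler_hits` should be treated as possibly indexed and its draft content reviewed accordingly.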

Improper Access Control

Weakness Enumeration

Related Identifiers

CVE-2025-5257
GHSA-CQX4-9VQF-Q3M8

Affected Products

Mautic