Vulnerabilities > Acquia > Mautic > 2.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-03 | CVE-2017-1000489 | Improper Authentication vulnerability in multiple products Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address | 8.1 |
| 2018-01-03 | CVE-2017-1000488 | Cross-site Scripting vulnerability in multiple products Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack when using Mautic forms on a Mautic landing page using GET parameters to pre-populate the form. | 6.1 |