How severe is CVE-2022-25769?

CVE-2022-25769 has a CVSS v3 score of 7.2 (HIGH).

CVE-2022-25769

Name: mautic
Author: acquia

7.2HIGH

ImpactThe default .htaccess file has some restrictions in the access to PHP files to only allow specific PHP files to be executed in the root of the application. This logic isn't correct, as the rege

게시됨: 9/18/2024업데이트됨: 2/27/2025

설명

ImpactThe default .htaccess file has some restrictions in the access to PHP files to only allow specific PHP files to be executed in the root of the application. This logic isn't correct, as the regex in the second FilesMatch only checks the filename, not the full path.

AI 분석AI 기반

영향받는 제품

acquiamautic

참조

https://github.com/mautic/mautic/security/advisories/GHSA-mj6m-246h-9w56
Vendor Advisory
https://www.mautic.org/blog/community/mautic-4-2-one-small-step-mautic
Release Notes