CVE-2025-5257 (GCVE-0-2025-5257)
Vulnerability from cvelistv5
Published
2025-05-28 16:17
Modified
2025-05-28 23:43
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CWE
  • CWE-1284 - Improper Validation of Specified Quantity in Input
Summary
SummaryThis advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information. Unauthorized Access to Unpublished Page Previews: The page preview functionality for unpublished content, accessible via predictable URLs (e.g., /page/preview/1, /page/preview/2), lacked proper authorization checks. This allowed any unauthenticated user to view content that was not yet intended for public release, and allowed search engines to index these private preview URLs, making the content publicly discoverable. MitigationMautic has patched this vulnerability by enforcing proper permission checks on preview pages. Users should upgrade to the patched version of Mautic or later.
References
Impacted products
Vendor Product Version
Mautic Mautic Version: > 4.0   
Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5257",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-28T23:41:33.783649Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-28T23:43:08.966Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://packagist.org",
          "defaultStatus": "unaffected",
          "packageName": "mautic/core",
          "product": "Mautic",
          "repo": "https://github.com/mautic/mautic",
          "vendor": "Mautic",
          "versions": [
            {
              "lessThan": "\u003c 6.0.2, \u003c5.4.6, \u003c4.4.16",
              "status": "affected",
              "version": "\u003e 4.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Lenon Leite"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "John Linhart"
        },
        {
          "lang": "en",
          "type": "remediation reviewer",
          "value": "Zdeno Kuzmany"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Lenon Leite"
        }
      ],
      "datePublic": "2025-05-28T16:13:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003ch2\u003eSummary\u003c/h2\u003eThis advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information.\u003cbr\u003e\u003cbr\u003eUnauthorized Access to Unpublished Page Previews: The page preview functionality for unpublished content, accessible via predictable URLs (e.g., \u003ccode\u003e/page/preview/1\u003c/code\u003e, \u003ccode\u003e/page/preview/2\u003c/code\u003e), lacked proper authorization checks. This allowed any unauthenticated user to view content that was not yet intended for public release, and allowed search engines to index these private preview URLs, making the content publicly discoverable.\u003cbr\u003e\u003ch2\u003eMitigation\u003c/h2\u003eMautic has patched this vulnerability by enforcing proper permission checks on preview pages. Users should upgrade to the patched version of Mautic or later.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "SummaryThis advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information.\n\nUnauthorized Access to Unpublished Page Previews: The page preview functionality for unpublished content, accessible via predictable URLs (e.g., /page/preview/1, /page/preview/2), lacked proper authorization checks. This allowed any unauthenticated user to view content that was not yet intended for public release, and allowed search engines to index these private preview URLs, making the content publicly discoverable.\nMitigationMautic has patched this vulnerability by enforcing proper permission checks on preview pages. Users should upgrade to the patched version of Mautic or later."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-1",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284 Improper Validation of Specified Quantity in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-28T17:38:10.472Z",
        "orgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e",
        "shortName": "Mautic"
      },
      "references": [
        {
          "url": "https://github.com/mautic/mautic/security/advisories/GHSA-cqx4-9vqf-q3m8"
        }
      ],
      "source": {
        "advisory": "GHSA-cqx4-9vqf-q3m8",
        "discovery": "INTERNAL"
      },
      "title": "Predictable Page Indexing Might Lead to Sensitive Data Exposure",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e",
    "assignerShortName": "Mautic",
    "cveId": "CVE-2025-5257",
    "datePublished": "2025-05-28T16:17:54.013Z",
    "dateReserved": "2025-05-27T11:11:39.399Z",
    "dateUpdated": "2025-05-28T23:43:08.966Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-5257\",\"sourceIdentifier\":\"security@mautic.org\",\"published\":\"2025-05-28T17:15:25.917\",\"lastModified\":\"2025-05-29T14:29:50.247\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SummaryThis advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information.\\n\\nUnauthorized Access to Unpublished Page Previews: The page preview functionality for unpublished content, accessible via predictable URLs (e.g., /page/preview/1, /page/preview/2), lacked proper authorization checks. This allowed any unauthenticated user to view content that was not yet intended for public release, and allowed search engines to index these private preview URLs, making the content publicly discoverable.\\nMitigationMautic has patched this vulnerability by enforcing proper permission checks on preview pages. Users should upgrade to the patched version of Mautic or later.\"},{\"lang\":\"es\",\"value\":\"Resumen: Este aviso aborda una vulnerabilidad de seguridad en Mautic que permit\u00eda a usuarios no autenticados acceder a vistas previas de p\u00e1ginas no publicadas, las cuales podr\u00edan ser indexadas por motores de b\u00fasqueda. Esto podr\u00eda provocar la divulgaci\u00f3n involuntaria de borradores o informaci\u00f3n confidencial. Acceso no autorizado a vistas previas de p\u00e1ginas no publicadas: La funci\u00f3n de vista previa de p\u00e1ginas para contenido no publicado, accesible mediante URL predecibles (p. ej., /page/preview/1, /page/preview/2), carec\u00eda de las comprobaciones de autorizaci\u00f3n adecuadas. Esto permit\u00eda a cualquier usuario no autenticado ver contenido que a\u00fan no estaba destinado a ser publicado, y permit\u00eda a los motores de b\u00fasqueda indexar estas URL de vista previa privadas, haciendo que el contenido fuera visible p\u00fablicamente. Mitigaci\u00f3n: Mautic ha corregido esta vulnerabilidad implementando las comprobaciones de permisos adecuadas en las p\u00e1ginas de vista previa. Los usuarios deben actualizar a la versi\u00f3n corregida de Mautic o una versi\u00f3n posterior.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@mautic.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security@mautic.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1284\"}]}],\"references\":[{\"url\":\"https://github.com/mautic/mautic/security/advisories/GHSA-cqx4-9vqf-q3m8\",\"source\":\"security@mautic.org\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-5257\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-28T23:41:33.783649Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-28T23:42:42.556Z\"}}], \"cna\": {\"title\": \"Predictable Page Indexing Might Lead to Sensitive Data Exposure\", \"source\": {\"advisory\": \"GHSA-cqx4-9vqf-q3m8\", \"discovery\": \"INTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Lenon Leite\"}, {\"lang\": \"en\", \"type\": \"remediation reviewer\", \"value\": \"John Linhart\"}, {\"lang\": \"en\", \"type\": \"remediation reviewer\", \"value\": \"Zdeno Kuzmany\"}, {\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Lenon Leite\"}], \"impacts\": [{\"capecId\": \"CAPEC-1\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/mautic/mautic\", \"vendor\": \"Mautic\", \"product\": \"Mautic\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e 4.0\", \"lessThan\": \"\u003c 6.0.2, \u003c5.4.6, \u003c4.4.16\", \"versionType\": \"semver\"}], \"packageName\": \"mautic/core\", \"collectionURL\": \"https://packagist.org\", \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2025-05-28T16:13:00.000Z\", \"references\": [{\"url\": \"https://github.com/mautic/mautic/security/advisories/GHSA-cqx4-9vqf-q3m8\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"SummaryThis advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information.\\n\\nUnauthorized Access to Unpublished Page Previews: The page preview functionality for unpublished content, accessible via predictable URLs (e.g., /page/preview/1, /page/preview/2), lacked proper authorization checks. This allowed any unauthenticated user to view content that was not yet intended for public release, and allowed search engines to index these private preview URLs, making the content publicly discoverable.\\nMitigationMautic has patched this vulnerability by enforcing proper permission checks on preview pages. Users should upgrade to the patched version of Mautic or later.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003ch2\u003eSummary\u003c/h2\u003eThis advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information.\u003cbr\u003e\u003cbr\u003eUnauthorized Access to Unpublished Page Previews: The page preview functionality for unpublished content, accessible via predictable URLs (e.g., \u003ccode\u003e/page/preview/1\u003c/code\u003e, \u003ccode\u003e/page/preview/2\u003c/code\u003e), lacked proper authorization checks. This allowed any unauthenticated user to view content that was not yet intended for public release, and allowed search engines to index these private preview URLs, making the content publicly discoverable.\u003cbr\u003e\u003ch2\u003eMitigation\u003c/h2\u003eMautic has patched this vulnerability by enforcing proper permission checks on preview pages. Users should upgrade to the patched version of Mautic or later.\u003cbr\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1284\", \"description\": \"CWE-1284 Improper Validation of Specified Quantity in Input\"}]}], \"providerMetadata\": {\"orgId\": \"4e531c38-7a33-45d3-98dd-d909c0d8852e\", \"shortName\": \"Mautic\", \"dateUpdated\": \"2025-05-28T17:38:10.472Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-5257\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-28T23:43:08.966Z\", \"dateReserved\": \"2025-05-27T11:11:39.399Z\", \"assignerOrgId\": \"4e531c38-7a33-45d3-98dd-d909c0d8852e\", \"datePublished\": \"2025-05-28T16:17:54.013Z\", \"assignerShortName\": \"Mautic\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.