{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "1.0.1" }, { "fixed": "4.4.12" }, { "introduced": "5.0.0" }, { "fixed": "5.0.4" }, { "introduced": "0" }, { "last_affected": "1.0.0-NA" }, { "introduced": "0" }, { "last_affected": "1.0.0-beta4" }, { "introduced": "0" }, { "last_affected": "1.0.0-rc1" }, { "introduced": "0" }, { "last_affected": "1.0.0-rc2" }, { "introduced": "0" }, { "last_affected": "1.0.0-rc3" }, { "introduced": "0" }, { "last_affected": "1.0.0-rc4" } ] }, "events": [ { "introduced": "e8f705b9c1990077aa944ef2aaf5b705591bfe05" }, { "fixed": "d1a8dcdf235f5b50bd1e05146a704e0c250c25da" }, { "introduced": "96b53794017cde917e1e4262ebaaae5099e3586a" }, { "fixed": "4676457f5ac7c9d13308b119a28bbe527cb542ce" }, { "introduced": "0" }, { "last_affected": "41ced3a8454de4950c7da4c81291993737783930" }, { "introduced": "0" }, { "last_affected": "23f57e8f98e84c4df5edee72b05036beb36f9279" }, { "introduced": "0" }, { "last_affected": "554959c940968504f1373cc49b5ede350f62ae40" }, { "introduced": "0" }, { "last_affected": "232c4ab7f9d10530196a78c9d728f4857afcac18" }, { "introduced": "0" }, { "last_affected": "a48995b067426cc2e1354217f591a2fb9eb3af5c" }, { "introduced": "0" }, { "last_affected": "7f0a26411e8a1d159c6c24061df33d20a2eca7ce" } ], "repo": "https://github.com/mautic/mautic", "type": "GIT" } ] } ], "aliases": [ "GHSA-mgv8-w49f-822w" ], "details": "Prior to the patched version, an authenticated user of Mautic could read system files and access the internal addresses of the application due to a Server-Side Request Forgery (SSRF) vulnerability.", "id": "CVE-2022-25777", "modified": "2026-03-10T21:50:55.506830005Z", "published": "2024-09-18T16:15:04.980Z", "references": [ { "type": "ADVISORY", "url": "https://github.com/mautic/mautic/security/advisories/GHSA-mgv8-w49f-822w" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }