Vulnerability Details : CVE-2017-1000490
Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any authorized Mautic user session (must be logged into Mautic) to use the Filemanager to download any file from the server that the web user has access to.
Vulnerability category: Directory traversal
Exploit prediction scoring system (EPSS) score for CVE-2017-1000490
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 25 %
Percentile, the proportion of vulnerabilities that are scored at or less