CVE-2024-47050

5.4 MEDIUM

📋 TL;DR

This vulnerability allows attackers to inject malicious scripts into Mautic's tracking functionality through the Page URL variable. When exploited, these scripts execute in victims' browsers, potentially stealing session cookies or performing unauthorized actions. All Mautic instances with vulnerable versions are affected.

💻 Affected Systems

Products:
  • Mautic
Versions: prior to the patch
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All Mautic installations using vulnerable versions are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers steal administrator session cookies, gain full control of the Mautic instance, and compromise user data including contact information and marketing campaigns.

🟠 Likely Case

Attackers steal user session cookies to impersonate legitimate users, potentially accessing sensitive contact data and performing unauthorized marketing actions.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts are neutralized before execution, preventing successful exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires tricking users into visiting malicious URLs but doesn't require authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check the GitHub advisory for specific patched versions

Vendor Advisory: https://github.com/mautic/mautic/security/advisories/GHSA-73gr-32wg-qhh7

Restart Required: No

Instructions:

1. Review the GitHub security advisory
2. Update Mautic to the latest patched version
3. Verify the fix by testing the Page URL parameter

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

  • Implement server-side validation to sanitize Page URL parameters before processing
  • Implement regex filtering for URL parameters in tracking code

🧯 If You Can't Patch

  • Implement WAF rules to block XSS payloads in URL parameters
  • Enable Content Security Policy headers to restrict script execution

🔍 How to Verify

Check if Vulnerable:

Test by injecting basic XSS payloads into the Page URL parameter and checking if they execute

Check Version:

Check the Mautic version in the admin panel or by running composer show mautic/core

Verify Fix Applied:

After patching, attempt the same XSS payloads and verify they are properly sanitized

📡 Detection & Monitoring

Log Indicators:

  • Unusual URL parameters containing script tags or JavaScript in tracking logs
  • Multiple failed XSS attempts

Network Indicators:

  • HTTP requests with suspicious URL parameters containing script elements

SIEM Query:

source="mautic_logs" AND (url="*<script>*" OR url="*javascript:*")
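The SIEM query above, as an added example that is not part of this advisory or of Mautic's own code, turned into a small scanner over constructed access-log lines; the tracking path /mtc/event and the page_url parameter name are assumptions. It applies the same "<script>" / "javascript:" logic but also decodes the URL a second time, which the plain query does not, so double-encoded values are not missed.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed sample access-log lines, not real Mautic output. The tracking
# path and the page_url parameter name are assumptions for this example.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2024:12:00:01 +0000] "GET /mtc/event?page_url=https%3A%2F%2Fexample.com%2Fpricing HTTP/1.1" 200 43
203.0.113.9 - - [10/Oct/2024:12:00:02 +0000] "GET /mtc/event?page_url=https%3A%2F%2Fexample.com%2F%3Cscript%3Ex%3C%2Fscript%3E HTTP/1.1" 200 43
198.51.100.7 - - [10/Oct/2024:12:00:03 +0000] "GET /mtc/event?page_url=javascript%3Avoid(0) HTTP/1.1" 200 43
198.51.100.8 - - [10/Oct/2024:12:00:04 +0000] "GET /mtc/event?page_url=https%3A%2F%2Fexample.com%2Fblog%3Fq%3Djavascript+tips HTTP/1.1" 200 43
203.0.113.9 - - [10/Oct/2024:12:00:05 +0000] "GET /mtc/event?page_url=https%3A%2F%2Fexample.com%2F%253Cscript%253Ex HTTP/1.1" 200 43
"""

# Same markers as the SIEM query ("<script>" or "javascript:" in the URL),
# made case-insensitive and tolerant of whitespace inside the token.
XSS_MARKERS = re.compile(r"<\s*script|javascript\s*:", re.IGNORECASE)
REQUEST_LINE = re.compile(r'^(?P<client>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/')


def suspicious_params(target: str, param: str = "page_url"):
    """Return the decoded values of `param` that carry an XSS marker.

    parse_qsl percent-decodes once; a second unquote_plus catches values
    that were double-encoded to slip past a single-decode filter.
    """
    hits = []
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if name != param:
            continue
        for candidate in (value, unquote_plus(value)):
            if XSS_MARKERS.search(candidate):
                hits.append(candidate)
                break
    return hits


def scan_log(text: str):
    """Return (client, decoded page_url) for every request line that matches."""
    findings = []
    for line in text.splitlines():
        m = REQUEST_LINE.match(line)
        if not m:
            continue  # malformed or non-request line: skip instead of crashing
        for value in suspicious_params(m["target"]):
            findings.append((m["client"], value))
    return findings


if __name__ == "__main__":
    for client, url in scan_log(SAMPLE_LOG):
        print(f"{client}\t{url}")
```

Line 4 of the sample ("javascript tips" with no colon) is deliberately left unflagged to show the marker is the "javascript:" scheme, not the bare word.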
