Security for everyone

CVE-2021-27909 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Mautic affects v. prior to 3.3.4/4.0.0.


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one




Mautic is an open-source marketing automation platform that allows businesses to create, deploy, and manage marketing campaigns. It's a popular tool among marketers as it offers a seamless customer experience and helps increase engagement with existing and potential customers. The platform offers several features such as email marketing, lead generation, and analytics, making it an all-in-one solution for businesses looking to boost their marketing efforts.

CVE-2021-27909 is a vulnerability that was detected in Mautic versions prior to 3.3.4/4.0.0. The vulnerability lies in Mautic's password reset page, where a vulnerable parameter in the URL, called "bundle," can be exploited to execute JavaScript code. An attacker can exploit this vulnerability by tricking the target into clicking a password reset URL with the vulnerable parameter utilized. This can lead to the attacker gaining access to sensitive information such as login credentials and other data.

Exploiting this vulnerability can be extremely harmful to the target as it puts their sensitive data at risk. An attacker can use the gained information to carry out various malicious activities such as identity theft, unauthorized access to accounts, and other cybercrimes. It can put the business at risk of experiencing a data breach, which can lead to severe financial and reputational losses.

By using the pro features of platform, businesses can easily and quickly learn about vulnerabilities in their digital assets. With features such as automated vulnerability scanning and patch management, the platform offers businesses complete security, allowing them to focus on their core competencies without worrying about security threats. Stay ahead of cyber threats and protect your business with



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture