Configuration Manipulation Vulnerability in Mautic by Mautic Inc.
CVE-2025-9822

5.5 MEDIUM

Key Information:

Vendor: Mautic

Status
Vendor
CVE Published: 3 September 2025

What is CVE-2025-9822?

A security flaw allows users with administrator rights in the Mautic application to modify its configuration. This manipulation can expose sensitive information, such as database credentials, that would typically remain secured. Once these secrets are unintentionally disclosed, unauthorized access to vital resources becomes possible, raising significant security concerns for users and administrators alike.

Affected Version(s)

Mautic >= 4.4.0 < 4.4.0

Mautic >= 5.0.0-alpha < 5.0.0-alpha

Mautic >= 6.0.0-alpha < 6.0.0-alpha

References

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: High
Integrity: Low
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

B0D0B0P0T
lenonleite
kuzmany