CVE-2017-1000489: Improper Authentication

January 3, 2018 (updated January 16, 2018)

Mautic allows a disabled user to still login using email address.

References

github.com/mautic/mautic/releases/tag/2.12.0
nvd.nist.gov/vuln/detail/CVE-2017-1000489

Code Behaviors & Features

Detect and mitigate CVE-2017-1000489 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →