Mautic

Recent Changes

• Update mautic to 5.2.3

• Full Changelog

• CVE-2024-47053 - Improper Authorization in Reporting API - Reported by @​putzwasser, fixed by @​lenonleite and tested/reviwed by @​escopecz and @​patrykgruszka in https://github.com/mautic/mautic/security/advisories/GHSA-8xv7-g2q3-fqgc

• CVE-2022-25773 - Relative Path Traversal in assets file upload - Reported by @​majkelstick and @​patrykgruszka, fixed by @​patrykgruszka and tested/reviewed by @​escopecz and @​lenonleite in https://github.com/mautic/mautic/security/advisories/GHSA-4w2w-36vm-c8hf

• CVE-2024-47051 - Remote Code Execution & File Deletion in Asset Uploads - Reported by @​mallo-m, fixed by @​lenonleite and tested/reviewed by @​patrykgruszka in https://github.com/mautic/mautic/security/advisories/GHSA-73gx-x7r9-77x2

• DPMMA-3031 Configurable email address length limit to prevent delivery issues by @​patrykgruszka in https://github.com/mautic/mautic/pull/14577

• Fixing the audit log widget when a contact is deleted by @​escopecz in https://github.com/mautic/mautic/pull/14541

• Fixing segment building with default timezone by @​escopecz in https://github.com/mautic/mautic/pull/14549

• Email click tracking fix, PHP warning fix by @​escopecz in https://github.com/mautic/mautic/pull/14540

• fix: Fix font selection in CKEditor not including fallback fonts in output by @​driskell in https://github.com/mautic/mautic/pull/14539