CVE-2025-13827

HIGH

Mautic Grapes-js-builder-bundle < 4.4.18 - Unrestricted File Upload

Title source: rule

Description

Summary Arbitrary files can be uploaded via the GrapesJS Builder, as the types of files that can be uploaded are not restricted. ImpactIf the media folder is not restricted from running files this can lead to a remote code execution.

References (1)

Core 1

Core References

Vendor Advisory

https://github.com/mautic/mautic/security/advisories/GHSA-5xw2-57jx-pgjp

Scores

CVSS v4 8.8

EPSS 0.0037

EPSS Percentile 58.7%

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-434

Status published

Products (2)

mautic/grapes-js-builder-bundle 4.0.0 - 4.4.18Packagist

Mautic/Mautic <4.4.18, <5.2.9, <6.0.7

Published Dec 02, 2025

Tracked Since Feb 18, 2026