CVE 8.8 HIGH

GrapesJsBuilder File Upload allows all file uploads_CVE-2025-13827

December 2, 2025 invoker category_cve

8.8 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

Summary
Arbitrary files can be uploaded via the GrapesJS Builder, as the types of files that can be uploaded are not restricted.
ImpactIf the media folder is not restricted from running files this can lead to a remote code execution.

AI Analysis

Arbitrary file upload vulnerability in GrapesJS Builder, potentially leading to remote code execution

Basic Information

ID CVE-2025-13827

Source Mautic

Published Dec 2, 2025 at 16:54

Modified Dec 2, 2025 at 17:10

Affected Product

Vendor Mautic

Product Mautic

Version <4.4.18, <5.2.9, <6.0.7

Affected Versions Mautic Mautic <4.4.18, <5.2.9, <6.0.7

CWE Classification

CWE-434

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Mautic

Product Mautic

Version <4.4.18, <5.2.9, <6.0.7

References

github.com /mautic/mautic/security/advisories/GHSA-5xw2-57jx-pgjp

{
    "lastseen": "",
    "description": "Summary\nArbitrary files can be uploaded via the GrapesJS Builder, as the types of files that can be uploaded are not restricted. \nImpactIf the media folder is not restricted from running files this can lead to a remote code execution.",
    "published": "2025-12-02T16:54:39.986Z",
    "modified": "2025-12-02T17:10:25.179Z",
    "type": "cve",
    "title": "GrapesJsBuilder File Upload allows all file uploads",
    "source": "Mautic",
    "references": "https://github.com/mautic/mautic/security/advisories/GHSA-5xw2-57jx-pgjp",
    "id": "CVE-2025-13827",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434"
    ],
    "cvelist": null,
    "sourceData": "Mautic Mautic <4.4.18, <5.2.9, <6.0.7",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Mautic",
    "version": "<4.4.18, <5.2.9, <6.0.7",
    "vendor": "Mautic",
    "ai_description": "Arbitrary file upload vulnerability in GrapesJS Builder, potentially leading to remote code execution",
    "ai_severity": "High",
    "ai_vendor": "Mautic",
    "ai_product": "Mautic",
    "ai_version": "<4.4.18, <5.2.9, <6.0.7",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply