CVE-2025-9821 — Mautic vulnerable to SSRF via webhook function

Description

### Summary Users with webhook permissions can conduct SSRF via webhooks. If they have permission to view the webhook logs, the (partial) request response is also disclosed ### Details When sending webhooks, the destination is not validated, causing SSRF. ### Impact Bypass of firewalls to interact with internal services. See https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/ for more potential impact. ### Resources https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html for more information on SSRF and its fix

How to fix CVE-2025-9821

To remediate CVE-2025-9821, upgrade the affected package to a fixed version below.

—upgrade to 4.4.17 or later

Is CVE-2025-9821 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

>= 4.4.0, < 4.4.17

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	LOW2.7	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

References (5)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2025-9821
PATCHgithub.com/mautic/mautic
WEBgithub.com/mautic/mautic/commit/6084f6de4c88d1aeb5f6c73ea4fe1b09c98ea52b
WEBgithub.com/mautic/mautic/commit/dc5bb1466c9a48fd34768dc8ff5888716b2916ba