Vulnerability in Mautic Docker

CVE-2025-7381

ImpactThis is an information disclosure vulnerability originating from PHP's base image. This vulnerability exposes the PHP version through an X-Powered-By header, which attackers could exploit to fingerprint the server and identify potent…

EPSS: 0.002 (14.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

  • Mautic Docker — versions <= 6.0.3-20250707-apache, <= 6.0.3-20250707-fpm, <= 5.2.7-20250707-apache

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-7381?
CVE-2025-7381 is a medium-severity vulnerability in Mautic Docker, classified under Exposure of Sensitive System Information to an Unauthorized Control Sphere. CVSS score: 5.3/10. Published 2025-07-09.
How severe is CVE-2025-7381?
Medium severity. CVSS v3 base score is 5.3 out of 10.