cve/2024/CVE-2024-2730.md

### [CVE-2024-2730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2730)
![](https://img.shields.io/static/v1?label=Product&message=Mautic&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-425%20Direct%20Request%20('Forced%20Browsing')&color=brightgreen)

### Description

Mautic uses predictable page indices for unpublished landing pages, their content can be accessed by unauthenticated users under public preview URLs which could expose sensitive data. At the time of publication of the CVE no patch is available 

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ZHAW-Infosec-Research-Group/A2CT
Update CVE sources 2025-09-29 16:08 2025-09-29 16:08:36 +00:00			`### [CVE-2024-2730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2730)`
			`![](https://img.shields.io/static/v1?label=Product&message=Mautic&color=blue)`
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-425%20Direct%20Request%20('Forced%20Browsing')&color=brightgreen)`
Update CVE sources 2025-09-29 16:08 2025-09-29 16:08:36 +00:00
			`### Description`

			`Mautic uses predictable page indices for unpublished landing pages, their content can be accessed by unauthenticated users under public preview URLs which could expose sensitive data. At the time of publication of the CVE no patch is available`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/ZHAW-Infosec-Research-Group/A2CT`