[MEDIUM] Mautic vulnerable to reflected XSS in lead:addLeadTags - Quick Add

PKSA-vhyd-4d5p-sjmg CVE-2025-9823 GHSA-9v8p-m85m-f7mm

Affected package: mautic/core

Affected version: >=6.0.0-alpha,<6.0.5|>=5.0.0-alpha,<5.2.8|>=4.4.0,<4.4.17

Reported by:
GitHub