Announcing Mautic 6.0.7: Rigel Edition

🔒Security release

This release addresses several security issues. Please update at your earliest convenience after taking a backup and ensuring that it's working.

🔒Security fixes

• GHSA-3fq7-c5m8-g86x - CVE-2025-13828 - Fixed privilege escalation vulnerability in Marketplace - Reported and fixed by @driskell, reviewed by @escopecz and @patrykgruszka.
• GHSA-5xw2-57jx-pgjp - CVE-2025-13827 - Fixed file upload restriction bypass in GrapesJsBuilder - Reported and fixed by @driskell, reviewed by @escopecz and @patrykgruszka.

🐛 Bugs

⬆️ Dependencies

• Update dependencies for M6 by @patrykgruszka in #15666
• Bump guzzlehttp/oauth-subscriber to 0.8.1by @patrykgruszka in #15678

🤖 DevOps

• Use lightweight Debian base image for devcontainer [6.0] by @matbcvo #15560

SHA1(6.0.7.zip)= 07f4d5cb518c0ddae502b5b0a03656b96e9e6e49
SHA1(6.0.7-update.zip)= 29b86183dc9cd016e21e52b15d18cab0c0fed161