3 matches found
EUVD-2025-203312
MJML through 4.18.0 allows mj-include directory traversal to test file existence and in the type="css" case read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827...
CVE-2020-12827
Summary: MJML contains a path traversal vulnerability via the mj-include directive. The original CVE-2020-12827 affected MJML prior to 4.6.3, which was disclosed as a path traversal issue when processing mj-include. The connected advisories confirm that the fix was incomplete in subsequent update...
MJML 4.6.2 Path Traversal Vulnerability
Exploit for php platform in category web applications 1. ADVISORY INFORMATION ======================= Product: MJML Vendor URL: https://github.com/mjmlio/mjml/ Type: Path Traversal CWE-22 Date found: 2020-04-28 Date published: 2020-06-14 CVSSv3 Score: 7.2...