CVE-2024-26151

The mjml PyPI package, found at the FelixSchwarz/mjml-python GitHub repo, is an unofficial Python port of MJML, a markup language created by Mailjet. All users of FelixSchwarz/mjml-python who insert untrusted data into mjml templates unless that data is checked in a very strict manner. User input...

CVE-2024-26151 Potentially untrusted input is rendered as HTML in final output

The mjml PyPI package, found at the FelixSchwarz/mjml-python GitHub repo, is an unofficial Python port of MJML, a markup language created by Mailjet. All users of FelixSchwarz/mjml-python who insert untrusted data into mjml templates unless that data is checked in a very strict manner. User input...

CVE-2024-26151 Potentially untrusted input is rendered as HTML in final output

The mjml PyPI package, found at the FelixSchwarz/mjml-python GitHub repo, is an unofficial Python port of MJML, a markup language created by Mailjet. All users of FelixSchwarz/mjml-python who insert untrusted data into mjml templates unless that data is checked in a very strict manner. User input...

CVE-2024-26151

The CVE-2024-26151 issue affects the mjml-python package (FelixSchwarz/mjml-python), an unofficial Python port of MJML. The root cause is that untrusted input can be rendered as HTML in the final output when injected into mjml templates, allowing an attacker to influence email contents sent to ot...