CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/12/17 8:7 a.m.•7 views

CVE-2025-67898

MJML through 4.18.0 allows mj-include directory traversal to test file existence and in the type="css" case read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827...

7.2CVSS6.9AI score0.02229EPSS

Exploits4References1

Github Security Blog•added 2025/12/15 12:30 a.m.•11 views

MJML allows mj-include directory traversal due to an incomplete fix for CVE-2020-12827

MJML through 4.18.0 allows mj-include directory traversal to test file existence and in the type="css" case read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827...

7.2CVSS6.9AI score0.02229EPSS

Exploits4References4Affected Software1

CVE•added 2025/12/14 10:1 p.m.•11 views

CVE-2025-67898

CVE-2025-67898 affects MJML up to version 4.18.0, where the mj-include directive allows directory traversal to test file existence and, in type="css" cases, read files. The issue arises from an incomplete fix related to CVE-2020-12827. Several connected sources corroborate the exact behavior (dir...

4.5CVSS6.5AI score0.0001EPSS

Exploits3References1

Cvelist•added 2025/12/14 10:1 p.m.•19 views

CVE-2025-67898

MJML through 4.18.0 allows mj-include directory traversal to test file existence and in the type="css" case read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827...

4.5CVSS0.0001EPSS

Exploits3References1

CNNVD•added 2025/12/14 12:0 a.m.•4 views

Mailjet MJML 安全漏洞

Mailjet MJML is a responsive email framework from the French company Mailjet. A security vulnerability exists in Mailjet MJML version 4.18.0 and earlier, which stems from mj-include allowing directory traversal, which could lead to testing for file existence and reading files...

4.5CVSS6.3AI score0.0001EPSS

Exploits3References1