CVE-2024-25293

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

Exploit for Code Injection in Mjml Mjml_App

MJML Local Code Execution PoC A Proof-Of-Concept for CVE-2024...

CVE-2024-25293

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

CVE-2024-25293

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

Remote code execution

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

CVE-2024-25293

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

MJML App Security Vulnerability

MJML App is an MJML open source MJML desktop application. A security vulnerability exists in mjml-app version 3.0.4 and 3.1.0-beta, which stems from a Remote Code Execution RCE vulnerability in the href attribute...

CVE-2024-25293

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

CVE-2024-25293

CVE-2024-25293 affects mjml-app versions 3.0.4 and 3.1.0-beta. Multiple sources confirm a remote code execution (RCE) via the href attribute, notably involving the mj-button tag and path traversal, enabling local code execution. An exploit PoC is available (PoC repository linked in connected docu...

PT-2024-20866 · Mjml-App · Mjml-App

Name of the Vulnerable Software and Affected Versions: mjml-app versions 3.0.4 through 3.1.0-beta Description: The issue allows for remote code execution RCE via the href attribute. Recommendations: For versions 3.0.4 and 3.1.0-beta, consider restricting access to the href attribute until a patch...