CVE-2024-25293

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

Exploit for Code Injection in Mjml Mjml_App

MJML Local Code Execution PoC A Proof-Of-Concept for CVE-2024...

CVE-2024-25293

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

CVE-2024-25293

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

Remote code execution

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

CVE-2024-25293

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

CVE-2024-25293

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution RCE via the href attribute...

CVE-2024-25293

CVE-2024-25293 affects mjml-app versions 3.0.4 and 3.1.0-beta. Multiple sources confirm a remote code execution (RCE) via the href attribute, notably involving the mj-button tag and path traversal, enabling local code execution. An exploit PoC is available (PoC repository linked in connected docu...

MJML App Security Vulnerability

MJML App is an MJML open source MJML desktop application. A security vulnerability exists in mjml-app version 3.0.4 and 3.1.0-beta, which stems from a Remote Code Execution RCE vulnerability in the href attribute...

PT-2024-20866 · Mjml-App · Mjml-App

Name of the Vulnerable Software and Affected Versions: mjml-app versions 3.0.4 through 3.1.0-beta Description: The issue allows for remote code execution RCE via the href attribute. Recommendations: For versions 3.0.4 and 3.1.0-beta, consider restricting access to the href attribute until a patch...