Mjml App
Monthly
mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) via the href attribute. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) via the href attribute. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.