Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FoF Pretty Mail 1.1.2 Server Side Template Injection via Email Template Settings
Vulnerability Description
FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows administrative users to inject malicious code into email templates. Attackers can execute system commands by inserting crafted template expressions that trigger arbitrary code execution during email generation.
CVSS Information
N/A
Vulnerability Type
CWE-1336
Vulnerability Title
Pretty Mail by FriendsOfFlarum 安全漏洞
Vulnerability Description
Pretty Mail by FriendsOfFlarum是Friends of Flarum开源的一个允许您为电子邮件制作自定义html模板的工具。 Pretty Mail by FriendsOfFlarum 1.1.2版本存在安全漏洞,该漏洞源于电子邮件模板中存在服务器端模板注入,可能导致执行系统命令。
CVSS Information
N/A
Vulnerability Type
N/A