Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L
Vulnerability Type
绝对路径遍历
Vulnerability Title
Mailjet MJML 安全漏洞
Vulnerability Description
Mailjet MJML是法国Mailjet公司的一款响应式电子邮件框架。 Mailjet MJML 4.18.0及之前版本存在安全漏洞,该漏洞源于mj-include允许目录遍历,可能导致测试文件存在性和读取文件。
CVSS Information
N/A
Vulnerability Type
N/A