Mjml: Security Vulnerabilities
mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) via the href attribute.
CVSS Score
9.3
EPSS Score
0.164
Published
2024-03-01
MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document.
CVSS Score
7.2
EPSS Score
0.021
Published
2020-06-17