CNNVD-202512-2053 Information
Dec 11, 2025
cve
CNNVD ID
CNNVD-202512-2053
Related CVE
- CNNVD Published: 2025-12-11
Description (Chinese)
Pretty Mail by FriendsOfFlarum是Friends of Flarum开源的一个允许您为电子邮件制作自定义html模板的工具。 Pretty Mail by FriendsOfFlarum 1.1.2版本存在安全漏洞,该漏洞源于电子邮件模板中存在本地文件包含,可能导致读取敏感系统文件。
Description (English)
Pretty Mail by Friends OfFlarum is a tool for making custom html templates for e-mail that is open to friends of Flarum. There is a security loophole in Pretty Mail by Friends OfFlarum 1.1.2, which stems from the presence of local files in the e-mail template, which may lead to access to sensitive system files.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Friends of Flarum
Published
2025-12-11
Last Modified
2026-02-24
References
https://flarum.org/ https://github.com/FriendsOfFlarum/pretty-mail https://www.exploit-db.com/exploits/51947 https://www.vulncheck.com/advisories/fof-pretty-mail-local-file-inclusion-via-email-template-settings
Share on: