CNNVD-202512-2570 Information

CNNVD ID

CNNVD-202512-2570

Related CVE

CVE-2025-67898

• CNNVD Published: 2025-12-14

Description (Chinese)

Mailjet MJML是法国Mailjet公司的一款响应式电子邮件框架。 Mailjet MJML 4.18.0及之前版本存在安全漏洞，该漏洞源于mj-include允许目录遍历，可能导致测试文件存在性和读取文件。

Description (English)

Mailjet MJML is a responsive e-mail framework for Mailjet, France. Mailjet MJML 4.18.0 and previous versions have a security loophole, which stems from the mj-inclode allowed catalogues, which may lead to the existence of and access to the test files.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Mailjet

Published

2025-12-14

Last Modified

2026-02-24

References

https://github.com/mjmlio/mjml/issues/3018