CVE-2024-58303 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows administrative users to inject malicious code into email templates. At…
High CVSS: 8.6

CVE-2024-58303

FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows administrative users to inject malicious code into email templates. Attackers can execute system commands by inserting crafted template expressions that trigger arbitrary code execution during email generation.
Vendor
-
Product
-
CWE
CWE-1336
Yayın Tarihi
2025-12-11 22:15:51
Güncelleme
2025-12-12 15:17:31
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-1336 HIGH 2025

Referanslar

https://flarum.org/ https://github.com/FriendsOfFlarum/pretty-mail https://www.exploit-db.com/exploits/51948 https://www.vulncheck.com/advisories/fof-pretty-mail-server-side-template-injection-via-email-template-settings