Vulnerability in Flarum Friendsofflarum Pretty Mail

CVE-2024-58303

FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows administrative users to inject malicious code into email templates. Attackers can execute system commands by inserting crafted template expressions t…

EPSS: 0.005 (40.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References