How severe is CVE-2024-58303?

The severity of CVE-2024-58303 has not been assessed with CVSS v3.

CVE-2024-58303

NONE

FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows administrative users to inject malicious code into email templates. Attackers can execute system commands by i

发布于: 12/11/2025更新于: 12/12/2025

描述

FoF Pretty Mail 1.1.2 contains a server-side template injection vulnerability that allows administrative users to inject malicious code into email templates. Attackers can execute system commands by inserting crafted template expressions that trigger arbitrary code execution during email generation.

AI分析AI驱动

参考资料

https://flarum.org/
https://github.com/FriendsOfFlarum/pretty-mail
https://www.exploit-db.com/exploits/51948
https://www.vulncheck.com/advisories/fof-pretty-mail-server-side-template-injection-via-email-template-settings