CVE-2024-25293

CRITICAL

mjml_app 3.0.4 and 3.1.0-beta - Remote Code Execution via Href Attribute

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-25293. PoCs published by EQSTLab.

AI-analyzed exploit summary: This repository contains a Proof-of-Concept (PoC) for CVE-2024-25293, demonstrating local code execution in mjml-app versions 3.0.4-win and 3.1.0-beta via the 'href' attribute in the 'mj-button' tag. The exploit leverages path traversal and direct execution of local files (e.g., calc.exe) when a victim interacts with a malicious MJML file.

Description

mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) vulnerability via the href attribute.

Exploits (1)

nomisec WORKING POC
by EQSTLab · poc
https://github.com/EQSTLab/CVE-2024-25293

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: mjml-app v3.0.4-win & v3.1.0-beta
No auth needed
Prerequisites: Victim must open and interact with a malicious MJML file
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 9.3
EPSS 0.0099
EPSS Percentile 58.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE CWE-94
Status published
Products (2)
mjml/mjml_app 3.0.4
mjml/mjml_app 3.1.0 beta
Published Mar 01, 2024
Tracked Since Feb 18, 2026