Object Injection Vulnerability in Mailjet by Drupal
CVE-2024-13296

Currently unrated

Key Information:

Vendor: Drupal
Vendor: CVE Published:; 9 January 2025

Summary

A vulnerability has been identified in the Mailjet plugin for Drupal that allows for Object Injection through deserialization of untrusted data. This issue can be exploited by attackers to manipulate application behavior, which could lead to unauthorized access or other malicious activities. Affected versions include Mailjet prior to 4.0.1. It is crucial for users of this plugin to update to the latest version to mitigate potential risks.

References

https://www.drupal.org/sa-contrib-2024-062

Timeline

Vulnerability published
Jan 9, 2025