View online: https://www.drupal.org/sa-contrib-2024-062
Project: Mailjet [1] Date: 2024-November-20 Security risk: *Moderately critical* 14 ∕ 25 AC:Complex/A:Admin/CI:All/II:All/E:Theoretical/TD:Uncommon [2] Vulnerability: Arbitrary PHP code execution
Affected versions: <4.0.1 Description: This module for Drupal provides complete control of Email settings with Drupal and Mailjet.
In certain cases the module doesn't securely pass data to PHP's unserialize() function, which could result in Remote Code Execution via PHP Object Injection.
This vulnerability is mitigated by the fact that an attack must operate with the permission "administer mailjet module", however this could be the case if this issue were combined with others in an "attack chain".
Solution: Install the latest version:
* Upgrade to Mailjet 4.0.1 [3] * For Drupal 7.x, upgrade to Mailjet 7.x-2.23 [4]
Reported By: * Drew Webber [5] of the Drupal Security Team
Fixed By: * Drew Webber [6] of the Drupal Security Team * Bohdan Artemchuk [7]
Coordinated By: * Drew Webber [8] of the Drupal Security Team
[1] https://www.drupal.org/project/mailjet [2] https://www.drupal.org/security-team/risk-levels [3] https://www.drupal.org/project/mailjet/releases/4.0.1 [4] https://www.drupal.org/project/mailjet/releases/7.x-2.23 [5] https://www.drupal.org/user/255969 [6] https://www.drupal.org/user/255969 [7] https://www.drupal.org/user/289861 [8] https://www.drupal.org/user/255969