Description
CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to inject headers of outgoing e-mail messages and use Drupal as a spam proxy.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2011-0876 Vulnerability (CVE-2011-0876)
Nginx Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-1247)
Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6338)
MySQL CVE-2018-3187 Vulnerability (CVE-2018-3187)
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2019-15226)