Description
-
This script is possibly vulnerable to Email injection attacks.
Email injection is a security vulnerability that allows malicious users to send email messages using someone else's server without prior authorization. A malicious spammer could use this tactic to send large numbers of messages anonymously.
Remediation
- You need to restrict CR(0x13) and LF(0x10) from the user input. Check references for more information about fixing this vulnerability.
References
Severity
Classification
Tags
Related Vulnerabilities