Email injection

  • This script is possibly vulnerable to Email injection attacks.

    Email injection is a security vulnerability that allows malicious users to send email messages using someone else's server without prior authorization. A malicious spammer could use this tactic to send large numbers of messages anonymously.
  • You need to restrict CR(0x13) and LF(0x10) from the user input. Check references for more information about fixing this vulnerability.