Email injection

Description
  • This script is possibly vulnerable to Email injection attacks. <br/><br/>Email injection is a security vulnerability that allows malicious users to send email messages using someone else's server without prior authorization. A malicious spammer could use this tactic to send large numbers of messages anonymously.
Remediation
  • You need to restrict CR(0x13) and LF(0x10) from the user input. Check references for more information about fixing this vulnerability.
References
Severity
Classification
Tags