CVE-2016-10074 (swiftmailer)

CVE-2016-10074 (swiftmailer)

The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " (backslash double quote) in a crafted e-mail address in the (1) From, (2) ReturnPath, or (3) Sender header.

Source: CVE-2016-10074 (swiftmailer)

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다