Vulnerabilities

CVE-2012-0796

by Fred · 17/07/2012

class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header.

Date published : 2012-07-17

http://git.moodle.org/gw?p=moodle.git;a=commit;h=62988bf0bbc73df655f51884aaf1f523928abff9

http://moodle.org/mod/forum/discuss.php?d=194015

Similar

Tags: Cybersecurity Alert