Описание
class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.9.9.dfsg2-6 |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | not-affected | 1.9.9.dfsg2-6 |
| quantal | not-affected | 1.9.9.dfsg2-6 |
| raring | not-affected | 1.9.9.dfsg2-6 |
| saucy | not-affected | 1.9.9.dfsg2-6 |
Показывать по
EPSS
4 Medium
CVSS2
Связанные уязвимости
class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header.
class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x ...
EPSS
4 Medium
CVSS2