 TYPO3 Security Bulletin TYPO3-20070221-1: Email header injectionComponent Type: TYPO3 Core Affected Versions: Below 4.0.5, 4.1beta, 4.1RC1 Vulnerability Type: Email header injection Severity: low
Problem Description: The internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for. Solution: Update to TYPO3 version 4.0.5 or later. Credits: Credits go to Olivier Dobberkau, Andreas Otto, and Thorsten Kahler, who discovered and supplied a patch for this issue.
 |
到顶部