What the vulnerability does

01Description

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.

Key dates

02Disclosure timeline

October 5, 2021 CVE published
November 8, 2024 Record updated