CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the redirect parameter.
References
Configurations
History
No history.
Information
Published : 2009-05-22 20:30
Updated : 2024-02-28 11:21
NVD link : CVE-2009-1777
Mitre link : CVE-2009-1777
CVE.ORG link : CVE-2009-1777
JSON object : View
Products Affected
matt_wright
- formmail
CWE
CWE-20
Improper Input Validation