Description

CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to inject headers of outgoing e-mail messages and use Drupal as a spam proxy.

Remediation

References

CVE-2006-1225

Related Vulnerabilities

MySQL CVE-2020-14775 Vulnerability (CVE-2020-14775)

PmWiki Other Vulnerability (CVE-2005-3849)

MySQL CVE-2013-1555 Vulnerability (CVE-2013-1555)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1759)

Telerik Web UI Missing Authorization Vulnerability (CVE-2021-28141)

Severity

Medium

Classification

CVE-2006-1225

Tags

Missing Update Known Vulnerabilities