Description

The start function in class.t3lib_formmail.php in TYPO3 before 4.0.5, 4.1beta, and 4.1RC1 allows attackers to inject arbitrary email headers via unknown vectors. NOTE: some details were obtained from third party information.

Remediation

References

CVE-2007-1081

Related Vulnerabilities

WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-17359)

MySQL Other Vulnerability (CVE-2010-1849)

Liferay DXP Origin Validation Error Vulnerability (CVE-2022-25146)

ProjectSend Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9786)

WordPress Plugin Include Me Remote Code Execution (1.2.1)

Severity

High

Classification

CVE-2007-1081

Tags

Missing Update Known Vulnerabilities