CRLF injection vulnerability in FormMail.pl in Matt Wright FormMail 1.92, and possibly earlier, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the redirect parameter.
References
Configurations
Information
Published : 2009-05-22 13:30
Updated : 2018-10-10 12:38
NVD link : CVE-2009-1777
Mitre link : CVE-2009-1777
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
matt_wright
- formmail