Swift Mailer mail transport Command Injection

2022-05-1700:27:49

Google

osv.dev

7.7 High

AI Score

Confidence

Low

0.944 High

EPSS

Percentile

99.2%

JSON

The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " (backslash double quote) in a crafted e-mail address in the (1) From, (2) ReturnPath, or (3) Sender header.

CPENameOperatorVersion
swiftmailer/swiftmailereq5.4.2
swiftmailer/swiftmailereq4.2.1
swiftmailer/swiftmailereq5.3.0
swiftmailer/swiftmailereq5.4.4
swiftmailer/swiftmailereq4.3.0
swiftmailer/swiftmailereq5.2.2
swiftmailer/swiftmailereq5.0.3
swiftmailer/swiftmailereq5.1.0
swiftmailer/swiftmailereq5.0.1
swiftmailer/swiftmailereq5.2.0

Name	Operator	Version
swiftmailer/swiftmailer	eq	5.4.2
swiftmailer/swiftmailer	eq	4.2.1
swiftmailer/swiftmailer	eq	5.3.0
swiftmailer/swiftmailer	eq	5.4.4
swiftmailer/swiftmailer	eq	4.3.0
swiftmailer/swiftmailer	eq	5.2.2
swiftmailer/swiftmailer	eq	5.0.3
swiftmailer/swiftmailer	eq	5.1.0
swiftmailer/swiftmailer	eq	5.0.1
swiftmailer/swiftmailer	eq	5.2.0