EPSS
Percentile
90.1%
phpmailer is vulnerable to remote code execution. The vulnerability exists due to insecure data allowed into the $lang_path parameter of the setLanguage() method.
$lang_path
setLanguage()
github.com/PHPMailer/PHPMailer/blob/master/SECURITY.md
lists.fedoraproject.org/archives/list/[email protected]/message/3YRMWGA4VTMXFB22KICMB7YMFZNFV3EJ/
lists.fedoraproject.org/archives/list/[email protected]/message/FJYSOFCUBS67J3TKR74SD3C454N7VTYM/