phpMailer is vulnerable to cross-site scripting (XSS) attacks. The attacks exist because it does not properly sanitize the user supplied input to the “From Email Address” and “To Email Address” fields of code_generator.php
.
CPE | Name | Operator | Version |
---|---|---|---|
phpmailer/phpmailer | le | 5.2.23 |