EPSS
Percentile
99.6%
zend-mail is vulnerable to remote code execution (RCE) attacks. The library does not properly sanitize input, allowing a malicious user to inject and execute arbitrary code using a \\ character.
\\
framework.zend.com/security/advisory/ZF2016-04