I've got a pretty standard `sendMail` call here in an HTTP handler:

An `address` that contains line-breaks can add arbitrary SMTP headers. In my mind, the reason for using an address object is to avoid having to deal with escaping odd names and addresses (like would be necessary with `${name} <${address}>`); therefore, it is expected that `name` and `address` don't have to be sanitized. Otherwise, it's not just an address object, but an "address plus maybe arbitrary headers," which is not something anyone would want to have. I'm not sure what other fields are vulnerable. This was discovered by @lol768.
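The report above comes down to how an address object is rendered into a header line. The following is an added example, not code from the issue or from the mail library it concerns: it puts a naive `${name} <${address}>` rendering beside a strict one that rejects line breaks and other control characters. The function names and sample inputs are hypothetical and constructed for illustration.

```javascript
// Control characters, including CR and LF, must never reach a header value.
const CTL = /[\x00-\x1f\x7f]/;
// Minimal shape check for the addr-spec: one "@", no separators or whitespace.
const ADDR = /^[^\s<>,;:"()@]+@[^\s<>,;:"()@]+$/;

// Naive rendering: name and address land in the header verbatim.
function formatAddressNaive({ name, address }) {
  return `${name} <${address}>`;
}

// Strict rendering: validate both fields, then quote the display name.
// (Non-ASCII display names would additionally need RFC 2047 encoding.)
function formatAddressStrict({ name = '', address }) {
  if (typeof name !== 'string' || typeof address !== 'string') {
    throw new TypeError('name and address must be strings');
  }
  if (CTL.test(name) || CTL.test(address)) {
    throw new Error('control character in address object');
  }
  if (!ADDR.test(address)) {
    throw new Error('malformed address');
  }
  if (name === '') return `<${address}>`;
  const quoted = '"' + name.replace(/(["\\])/g, '\\$1') + '"';
  return `${quoted} <${address}>`;
}

// Names of the header fields a rendered value would occupy on the wire.
// Folded continuation lines (leading space or tab) belong to the field above.
function headerNames(fieldName, value) {
  return `${fieldName}: ${value}`
    .split(/\r\n|\r|\n/)
    .filter((line) => line !== '' && !/^[ \t]/.test(line))
    .map((line) => line.split(':')[0]);
}

// Constructed sample inputs.
const hostile = { name: 'Alice', address: 'alice@example.com\r\nX-Injected: yes' };
const benign = { name: 'O"Brien, Pat', address: 'pat@example.com' };

console.log(headerNames('To', formatAddressNaive(hostile)));  // two fields, not one
console.log(formatAddressStrict(benign));                     // quoted, single line
try {
  formatAddressStrict(hostile);
} catch (err) {
  console.log('rejected:', err.message);
}
```

Rejecting the input is used here rather than silently stripping the line break, so the HTTP handler can return an error instead of sending mail to a rewritten address.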