Mail Header Injection (IAST)

Severity: Critical
Summary

Invicti identified that the web application is vulnerable to Email Header Injection. Email Header Injection is a security vulnerability that allows a malicious user to tamper with the email messages that are sent from the web application by injecting additional SMTP/IMAP headers. A malicious spammer could potentially use this tactic to send large numbers of messages anonymously.

Impact

Unvalidated user input is used when composing the mail messages that this web application sends. A remote attacker can therefore inject custom SMTP/IMAP headers; for example, an attacker can add extra recipients and use the application's mail function to send spam.

Actions To Take

You need to reject CR (0x0D, decimal 13) and LF (0x0A, decimal 10) characters in any user input that ends up in a mail header. Check references for more information about fixing this vulnerability.
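The following illustration is added here and is not Invicti's code: it shows, on a constructed contact-form input, how a header block built by string concatenation picks up an injected `Bcc` header, and how a builder that refuses CR/LF and uses Python's standard `email` package avoids it.

```python
"""Mail header injection: string-built headers vs. a validating builder.
Added illustration (not Invicti's code); the sample input is constructed."""
from email import message_from_string
from email.message import EmailMessage

CR, LF = "\r", "\n"  # 0x0D and 0x0A, the characters a header value must not contain

# Constructed sample: a "from" field in which an attacker appended a CRLF
# followed by an extra recipient header.
INJECTED_FROM = "user@example.com\r\nBcc: recipient@example.org"
CLEAN_FROM = "user@example.com"


def build_headers_unsafe(sender, subject):
    """Vulnerable pattern: raw user input is concatenated into the header block."""
    return f"From: {sender}\r\nSubject: {subject}\r\n\r\nbody\r\n"


def header_names(raw_message):
    """Parse a raw message the way a receiving MTA would and list its headers,
    which exposes any header smuggled in through an injected line break."""
    return list(message_from_string(raw_message).keys())


def is_safe_header_value(value):
    """True when the value contains no CR, LF or other line separator."""
    if CR in value or LF in value:
        return False
    return len(value.splitlines()) <= 1


def reject_line_breaks(value):
    """Refuse (rather than silently strip) any value that would start a new header line."""
    if not is_safe_header_value(value):
        raise ValueError("line break in mail header value")
    return value


def build_message_safe(sender, subject, body):
    """Hardened builder: validate each field, then let EmailMessage own the
    header structure instead of assembling it by string concatenation."""
    msg = EmailMessage()
    msg["From"] = reject_line_breaks(sender)
    msg["Subject"] = reject_line_breaks(subject)
    msg.set_content(body)
    return msg
```

Running `header_names(build_headers_unsafe(INJECTED_FROM, "hi"))` lists a `Bcc` header that the application never set, while `build_message_safe` raises on the same input.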
