| Topic: | Header injection in PHPMailer library |
| Severity: | Serious |
| Versions affected: | 2.2, 2.1 to 2.1.3+, 2.0 to 2.0.6+, 1.9 to 1.9.15+ |
| Reported by: | Simon Coggins |
| Issue no.: | MDL-30575 |
| Changes (master): | http://git.moodle.org/gw?p=moodle.git;a=commit;h=62988bf0bbc73df655f51884aaf1f523928abff9 |
Description:
It was possible to inject additional information into email headers, such as additional addresses.