FreeBSD : PHPmailer -- SMTP injection vulnerability (8a90dc87-89f9-11e5-a408-00248c0c745d)
High Nessus Plugin ID 87188
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionPHPMailer changelog reports :
Fix vulnerability that allowed email addresses with line breaks (valid in RFC5322) to pass to SMTP, permitting message injection at the SMTP level. Mitigated in both the address validator and in the lower-level SMTP class. Thanks to Takeshi Terada.
SolutionUpdate the affected package.