Message201884
An email.header.Header object should not allow two consecutive newlines, since this terminates interpretation of headers and starts the body section. This can be exploited by an attacker in a case of user input being used in headers, and validated with the Header object, by stopping interpretation of any further headers, which become interpreted by an user (or other) agent. This in turn can be used to modify the behavior of emails, web pages, and the like, where such code is present. |
|
Date |
User |
Action |
Args |
2013-11-01 09:13:40 | hhm | set | recipients:
+ hhm |
2013-11-01 09:13:40 | hhm | set | messageid: <1383297220.57.0.645523530796.issue19470@psf.upfronthosting.co.za> |
2013-11-01 09:13:40 | hhm | link | issue19470 messages |
2013-11-01 09:13:40 | hhm | create | |
|