mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
747 B
747 B
CVE-2021-23400
Description
The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object.
POC
Reference
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1314737
- https://snyk.io/vuln/SNYK-JS-NODEMAILER-1296415
Github
No PoCs found on GitHub currently.