Confirm 0.62 and earlier could allow remote attackers to execute arbitrary code via an e-mail header that contains shell metacharacters such as ", `, |, ;, or $.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| confirm | confirm | 0.60 |
| confirm | confirm | 0.62 |
| confirm | confirm | 0.52 |
| confirm | confirm | 0.51 |
| confirm | confirm | 0.55 |
| confirm | confirm | 0.61 |
| confirm | confirm | 0.54 |
| confirm | confirm | 0.50 |
| confirm | confirm | 0.53 |