CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to inject arbitrary e-mail headers via an attachment description in a flagmail notification.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-08-09T19:00:00

Updated: 2024-08-06T23:00:33.626Z

Reserved: 2011-06-03T00:00:00

Link: CVE-2011-2381

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-08-09T19:55:01.527

Modified: 2017-08-29T01:29:23.723

Link: CVE-2011-2381

cve-icon Redhat

No data.