WebsiteBaker Community Forum

WebsiteBaker => Security Announcements => Topic started by: DarkViper on December 29, 2016, 01:23:50 AM

Title: Warning: Security vulnerability in PHPMailer
Post by: DarkViper on December 29, 2016, 01:23:50 AM: This warning only applies to WebsiteBaker before version 2.10.0

There's a lot of noise going around at the moment regarding a vulnerability in PHPMailer and SwiftMailer too.
There an attacker can control the from address a script uses they can pass arbitrary arguments to the sendmail binary. The vulnerability does not touch the SMTP transport.

Quote
Today we published the newest release from the vendor packet of PHPMailer v.5.2.21. You can download it from WebsiteBaker Wiki (http://wiki.WebsiteBaker.org/doku.php/downloads#vendor_pakets)
Please install this packet as soon as possible.

SMF 2.0.19 | SMF © 2017, Simple Machines