The start function in class.t3lib_formmail.php in TYPO3 prior to 4.0.5, 4.1beta, and 4.1RC1 allows malicious users to inject arbitrary email headers via unknown vectors. NOTE: some details were obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
typo3 typo3 |