Warning: Security vulnerability in PHPMailer
|Posted by Uwe Jacobsen (jacobi22) on Dec 29 2016|
There's a lot of noise going around at the moment regarding a vulnerability in PHPMailer and SwiftMailer too.
There an attacker can control the from address a script uses they can pass arbitrary arguments to the sendmail binary. The vulnerability does not touch the SMTP transport.
Today we published the newest release from the vendor packet of PHPMailer v.5.2.21. You can download it from
Please install this packet as soon as possible.
Last changed: Mar 05 2017 at 2:38 AMBack to Overview