Security #6
Update PHP Mailer to version 5.2.22
Start date:
2017-02-12
Due date:
% Done:
0%
Estimated time:
Operating System:
Description
https://github.com/PHPMailer/PHPMailer
SECURITY Fix CVE-2017-5223, local file disclosure vulnerability if content passed to msgHTML() is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to msgHTML() without a $basedir will not import images with relative URLs, and relative URLs containing .. will be ignored.
History
#1 Updated by Manuela over 5 years ago
- Status changed from New to Done
- Priority changed from Normal to Dringend
upgrade to 5.2.22 done
#2 Updated by Manuela over 5 years ago
- Tracker changed from Error to Security