CVE-2002-1917

2002-12-31T05:00:00
ID CVE-2002-1917
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:31:00

Description

CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 allows remote attackers to obtain e-mail addresses by injecting a CRLF into the Subject field and adding a BCC mail header.