7.6 High
AI Score
Confidence
Low
0.056 Low
EPSS
Percentile
93.2%
The dmarc_process function in dmarc.c in Exim before 4.82.1, when EXPERIMENTAL_DMARC is enabled, allows remote attackers to execute arbitrary code via the From header in an email, which is passed to the expand_string function.