AI Score
Confidence
High
EPSS
Percentile
72.9%
CRLF injection vulnerability in the send email functionality in dotCMS before 3.3.2 allows remote attackers to inject arbitrary email headers via CRLF sequences in the subject.
seclists.org/fulldisclosure/2016/May/69
www.securityfocus.com/bid/91529
dotcms.com/docs/latest/change-log#release-3.3.2
security.elarlang.eu/cve-2016-4803-dotcms-email-header-injection-vulnerability-full-disclosure.html