concrete5: Sendmail Remote Code Execution Vulnerability in Concrete5 version

ID H1:59663
Type hackerone
Reporter egix
Modified 2015-06-06T09:31:19


Concrete5 is vulnerable to a Remote Code Execution because it fails to properly validate certain user input used as sender email address when sending out a registration notification email. This vulnerability is mitigated by the fact that it can be exploited only by authenticated administrator users (even though it could be exploited via a Cross Site Request Forgery attack as well) and only if the email is being sent with sendmail.