Mail.ru: SMTP Header Injection at http://abonement.ucs.ru

2020-06-18T18:15:41
ID H1:901956
Type hackerone
Reporter killinem_sec
Modified 2020-07-30T09:30:55

Description

It was possible to abuse the functionality of abonement.ucs.ru to send messages to arbitrary e-mail via CRLF injection vulnerability