GHSA-5957-5CRX-79JX Zenario CMS vulnerable to CRLF injection

CRLF injection vulnerability in Zend\Mail ZendMail in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email...

CVE-2015-3154

CVE-2015-3154 is a CRLF injection vulnerability in Zend\Mail (Zend_Mail) within Zend Framework. Affected versions are Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1. The issue allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via...