5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
78.0%
CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in
ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to
inject arbitrary e-mail headers via an e-mail address with a ‘\n’
character, which causes a regular expression to ignore the subsequent part
of the address string.