QID 997088
Date Published: 2024-02-05
QID 997088: PHP (Composer) Security Update for phpmailer/phpmailer (GHSA-6h78-85v2-mmch)
PHPMailer before 1.7.4, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php.
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
Solution
Refer to Github security advisory GHSA-6h78-85v2-mmch for updates and patch information.
Vendor References
- GHSA-6h78-85v2-mmch -
github.com/advisories/GHSA-6h78-85v2-mmch
CVEs related to QID 997088
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| GHSA-6h78-85v2-mmch | phpmailer/phpmailer |
|