CVE-2021-23400

The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object.
Configurations

Configuration 1

cpe:2.3:a:nodemailer:nodemailer:*:*:*:*:*:node.js:*:*

Information

Published : 2021-06-29 12:15

Updated : 2021-07-06 06:48


NVD link : CVE-2021-23400

Mitre link : CVE-2021-23400

Products Affected
No products.
CWE