• info
• discussion
• exploit
• solution
• references

Drupal Form_mail Module Multiple CRLF Injection Vulnerabilities

Solution:
The vendor has released version 4.6.0 to address this issue; please see the reference section for details.


Drupal Drupal Form_mail 1.8.2.1

• Drupal form_mail-4.6.0.tar.gz
  http://ftp.osuosl.org/pub/drupal/files/projects/form_mail-4.6.0.tar.gz