PHPFormMail HTML Output Function HTML Injection Vulnerability

PHPFormMail is prone to an HTML injection vulnerability. This issue exists in a function that is designed to output HTML from form input.

This vulnerability could allow for various attacks, although the software does not appear to use cookies or support user sessions, so session hijacking may not be possible.


 

Privacy Statement
Copyright 2010, SecurityFocus