Lyris ListManager Command Execution Vulnerability

Lyris ListManager Command Execution Vulnerability

Lyris ListManager is prone to a CRLF injection vulnerability.

Attackers may exploit this weakness to execute list manager administrative commands, and manipulate the structure of outgoing messages. For example, it may be possible for attackers to set the recipient to an arbitrary value.

Versions 5.0 through 8.8a are vulnerable; other versions may also be affected.