phplist

NOTE:: Before reporting an issue, make sure you are running the latest version, currently 3.3.1


View Issue Details Jump to Notes ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0018471phplist applicationSecuritypublic04-01-17 12:0309-05-17 21:14
Reporterjsalmeron 
PriorityurgentSeveritymajorReproducibilityhave not tried
StatusresolvedResolutionfixed 
PlatformOSOS Version
Product Version 
Target VersionFixed in Version3.3.1 
Summary0018471: PHPMailer Security Issue
DescriptionAccording to https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html, [^] there is a security issue in PHPMailer < 5.2.20. In PHPList 3.2.6 I see that the bundled PHPMailer version is 5.2.14, so in principle PHPList could be potentially vulnerable.

Therefore, PHPList should update PHPMailer to the 5.2.20 or higher.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]

-  Notes
There are no notes attached to this issue.


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker