Drupal · Drupal Form Mail Module · CVE-2006-3473
**Name of the Vulnerable Software and Affected Versions**
Drupal form mail module versions prior to 1.8.2.2
**Description**
The issue allows remote attackers to inject e-mail headers, which facilitates sending spam messages.
**Recommendations**
For versions prior to 1.8.2.2, update to version 1.8.2.2 or later to resolve the issue.