PT-2007-2509 · Typo3 · Typo3

Published: 2007-02-22 · Updated: 2017-07-29 · CVE-2007-1081

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

TYPO3 versions prior to 4.0.5
TYPO3 versions 4.1beta
TYPO3 versions 4.1RC1

Description

The issue allows attackers to inject arbitrary email headers via unknown vectors in the start function in class.t3lib_formmail.php.

Recommendations

For versions prior to 4.0.5, update to version 4.0.5 or later. For versions 4.1beta and 4.1RC1, avoid using the start function in class.t3lib_formmail.php until a patch is available. As a temporary workaround, consider restricting access to the email functionality to minimize the risk of exploitation.

Fix


Related Identifiers

CVE-2007-1081

Affected Products

Typo3