PT-2024-40077 · Unknown · Swiftmailer

Published 2024-05-29 · Updated 2024-05-29

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: SwiftMailer versions prior to 5.2.1
Description: The sendmail transport (Swift_Transport_SendmailTransport) allows arbitrary shell command execution when the From header is taken from an untrusted source and no Return-Path is configured. SwiftMailer derives the envelope sender (reverse path) from the Return-Path header when one is set and otherwise falls back to the From address, and that address is then passed to the local sendmail binary. Without a Return-Path, an attacker who controls the From header therefore controls the value handed to sendmail and can inject into its invocation. Transports that do not execute a local binary, such as the SMTP transport, are not affected by this issue.
Recommendations: Upgrade to SwiftMailer 5.2.1 or later as soon as possible. If upgrading is not immediately possible, set a fixed, trusted Return-Path on every message sent through the sendmail transport so that the envelope sender never derives from user-supplied data, and validate any user-supplied From address (for example with filter_var(..., FILTER_VALIDATE_EMAIL)) before placing it in the header; switching to the SMTP transport also removes the sendmail invocation entirely.
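The following is an added example written for this page; it is not code from the advisory or from the SwiftMailer project. It uses the SwiftMailer 5.x API (Swift_Message::newInstance, setReturnPath, Swift_SendmailTransport::newInstance) and assumes the library is installed via Composer. The addresses, the sendmail path and the isSafeAddress/buildMessage helpers are hypothetical. It shows the workaround from the recommendations: an explicit, operator-controlled Return-Path so the envelope sender passed to sendmail never comes from the user, plus validation of the untrusted From address before it reaches the header.

```php
<?php
// Added example, not part of the advisory or of SwiftMailer itself.
// Assumes SwiftMailer 5.x via Composer; addresses and sendmail path are hypothetical.
require_once __DIR__ . '/vendor/autoload.php';

// Fixed, operator-controlled addresses. Because Return-Path takes precedence
// when SwiftMailer chooses the envelope sender, setting it guarantees the value
// handed to the sendmail binary never originates from user input.
const TRUSTED_RETURN_PATH = 'bounces@example.com';
const TRUSTED_FROM        = 'noreply@example.com';

/**
 * Accept an address only if it is a syntactically valid mailbox and contains
 * nothing that could be meaningful on a command line. filter_var() already
 * rejects whitespace and most punctuation; the extra checks are defence in depth.
 */
function isSafeAddress(string $address): bool
{
    if ($address === '' || strlen($address) > 254) {
        return false;
    }
    if (filter_var($address, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }
    // No leading dash (option injection) and no shell metacharacters.
    return $address[0] !== '-'
        && !preg_match('/[\s;&|`$<>\'"\\\\]/', $address);
}

/**
 * Build a message whose envelope sender is always trusted. The untrusted From
 * is validated first; if it fails, the fixed From is used instead and the
 * rejected value is logged rather than placed in any header.
 */
function buildMessage(string $untrustedFrom, string $to, string $subject, string $body): Swift_Message
{
    $message = Swift_Message::newInstance($subject)
        ->setTo([$to])
        ->setBody($body)
        // Explicit Return-Path: the workaround the advisory recommends.
        ->setReturnPath(TRUSTED_RETURN_PATH);

    if (isSafeAddress($untrustedFrom)) {
        $message->setFrom([$untrustedFrom]);
    } else {
        error_log('Rejected unsafe From address: ' . bin2hex($untrustedFrom));
        $message->setFrom([TRUSTED_FROM]);
    }

    return $message;
}

// Constructed input: a contact-form submission in which the visitor chose the From.
$visitorAddress = 'visitor@example.org';

$transport = Swift_SendmailTransport::newInstance('/usr/sbin/sendmail -bs');
$mailer    = Swift_Mailer::newInstance($transport);
$sent      = $mailer->send(buildMessage($visitorAddress, 'support@example.com', 'Contact form', 'Hello'));
echo $sent . " message(s) sent\n";
```

On a patched 5.2.1+ install the explicit Return-Path is still good practice: bounces go to an address you control, and the envelope sender no longer depends on whatever the application happened to put in From.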

Related Identifiers

GHSA-4QPJ-GXXG-JQG4

Affected Products

Swiftmailer