Cancel

SMTP header injection

By cyberkhalid

Posted 2022-01-01 1 min read

SMTP header injection

SMTP header injection vulnerabilities arise when user input is placed into email headers without adequate sanitization, allowing an attacker to inject additional headers with arbitrary values.

Exploitation

No Lab TO Demonstrate

References

https://portswigger.net/kb/issues/00200800_smtp-header-injection
https://book.hacktricks.xyz/pentesting-web/email-header-injection

WebApp And Api Pentesting, SMTP header injection

This post is licensed under CC BY 4.0 by the author.

SMTP header injection

SMTP header injection

Exploitation

References

Further Reading

XPATH Injection

DOM-based XSS

Reflected XSS