One Click Orgs 1.2.3 and Earlier: Remote Authenticated SMTP Traffic Triggering Vulnerability

One Click Orgs 1.2.3 and Earlier: Remote Authenticated SMTP Traffic Triggering Vulnerability

CVE-2011-4554 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:P

One Click Orgs before 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via (1) " (double quote) and newline characters in an org name or (2) " (double quote) characters in an e-mail address, related to a "2nd Order SMTP Injection" issue.

Learn more about our User Device Pen Test.