CVE-2020-7769

Published November 12th, 2020

View on NVD ↗

CVSS v3

8.6

HIGH

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails.

nodemailer/nodemailer

✉️ Send e-mails with Node.JS – easy as cake!

GitHub

17.6K