Project
SMTP Authentication Support
Date
Severity
Critical
Risk Score
15 ∕ 25 AC:Complex/A:User/CI:All/II:All/E:Theoretical/TD:Uncommon
Vulnerability
Multiple upstream security vulnerabilities
Affected versions
< 7.x-1.11

Description

SMTP is susceptible to multiple upstream vulnerabilities from its use of the embedded PHPMailer library. 

These vulnerabilities are mitigated by that fact that default setup of this module does not trigger any of these known vulnerabilities. 

Solution

Install the latest version: 7.x-1.11.

Reported by

  • Luke Leber (luke.leber)

Fixed by

  • Tag1 D7ES

Coordinated by

  • Tag1 D7ES