Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-19143

Provide extra e-mail address check for line breaks when sending e-mail

    Details

    • Branch Version/s:
      6.0.x
    • Backported to Branch:
      Committed

      Description

      Line breaks are not checked when sending e-mail, this can be used for setting new smtp headers (javax.mail doesn't handle it correctly). Liferay should check the line breaks in the e-mail addresses before sending the e-mails out.

      This is not a real vulnerability in the portal as e-mail addresses are validated, but this helps to improve security of the portal and for the custom developments as well.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  7 years, 46 weeks, 4 days ago

                  Packages

                  Version Package
                  6.0.12 EE
                  6.1.0 CE RC1