Ubuntu Security Notice USN-5956-1
Ubuntu Security Notice 5956-1 - Dawid Golunski discovered that PHPMailer
was not properly escaping user input data used as arguments to functions executed by the system shell. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM. It was discovered that PHPMailer was not properly escaping characters in certain fields of the code_generator.php example code. An attacker could possibly
use this issue to conduct cross-site scripting attacks. This issue was
only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM.
https://packetstormsecurity.com/files/171366/USN-5956-1.txt
Thu, 16 Mar 2023 14:55:11 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com