SMTP Header Injection
Description
The application is vulnerable to SMTP header injection. This occurs when user input is placed into a mail header value without removing or replacing new line characters (CR/LF). Because SMTP headers are separated by line breaks, a CR/LF inside the value ends the current header and lets an attacker inject additional, malicious headers.
Examples
Insecure Code

```java
MimeMessage message = new MimeMessage(session);
message.setSubject(userInput); // CR/LF in userInput can start new header lines
```

Secure Code

```java
MimeMessage message = new MimeMessage(session);
message.setSubject(SanitizeInput(userInput)); // SanitizeInput strips or rejects CR/LF
```

Remediation
Use a safe wrapper such as Apache Commons Email or Simple Java Mail, which filter the special characters that can lead to header injection. Ensure that user input is properly sanitized (CR/LF removed or the value rejected) before it is used in any SMTP header.
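The following is an added example, not code from the rule or from the wrappers named above, showing one way to implement the sanitization step with the JavaMail API: a strict variant that rejects any value containing a line break, and a lenient variant that collapses line breaks into a space. The `session` and the sample subject are constructed for the demonstration.

```java
import java.util.Properties;
import javax.mail.MessagingException;
import javax.mail.Session;
import javax.mail.internet.MimeMessage;

public final class SmtpHeaderSanitizer {

    // Strict option: fail closed. A header value must be a single line,
    // so any CR or LF means the input is malformed or hostile.
    public static String requireSingleLine(String value) {
        if (value == null) {
            throw new IllegalArgumentException("header value must not be null");
        }
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (c == '\r' || c == '\n') {
                throw new IllegalArgumentException(
                        "header value contains a line break at index " + i);
            }
        }
        return value;
    }

    // Lenient option: keep the request but neutralize it by folding any run
    // of CR/LF into a single space, so no second header line can appear.
    public static String stripLineBreaks(String value) {
        return value == null ? "" : value.replaceAll("[\\r\\n]+", " ");
    }

    // The hardened form of the page's "Secure Code": the subject never reaches
    // the header without passing the check.
    public static MimeMessage buildMessage(Session session, String userSubject)
            throws MessagingException {
        MimeMessage message = new MimeMessage(session);
        message.setSubject(requireSingleLine(userSubject), "UTF-8");
        return message;
    }

    public static void main(String[] args) throws MessagingException {
        Session session = Session.getInstance(new Properties());
        // Constructed sample: a subject carrying a CR/LF followed by a header name.
        String hostile = "Invoice\r\nBcc: placeholder@example.invalid";
        System.out.println("lenient: " + stripLineBreaks(hostile));
        try {
            buildMessage(session, hostile);
        } catch (IllegalArgumentException e) {
            System.out.println("strict: rejected (" + e.getMessage() + ")");
        }
        System.out.println("clean: " + buildMessage(session, "Invoice").getSubject());
    }
}
```

Prefer the strict variant in an application that can return an error to the caller; use the lenient variant only where the value must be accepted and the altered subject is acceptable.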
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0066 |
| Category | Injection |
| Severity | HIGH |
| CWE | CWE-77 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | header injection, SMTP |
| OWASP | N/A |