VYPR
High severity7.5OSV Advisory· Published Jun 30, 2016· Updated Jun 17, 2026

CVE-2016-4803

CVE-2016-4803

Description

CRLF injection vulnerability in the send email functionality in dotCMS before 3.3.2 allows remote attackers to inject arbitrary email headers via CRLF sequences in the subject.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Range: 3.0, 3.2, 3.2.1, …
  • Dotcms/Dotcms2 versions
    cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:*range: <=3.3.1
    • (no CPE)range: <3.3.2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.