1. Home
  2. CVE Database
  3. CVE-2007-2731
MEDIUM · 4.0

CVE-2007-2731

CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might allow remote attackers to inject arbitrary e-mail headers via LF (%0A) sequences in the subject parameter, a related issue to CVE-2...

Vulnerability Description

CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might allow remote attackers to inject arbitrary e-mail headers via LF (%0A) sequences in the subject parameter, a related issue to CVE-2007-1898.

CVSS Score

4.0

MEDIUM

AV:N/AC:H/Au:N/C:N/I:P/A:P
Confidentiality
NONE
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
JetboxJetbox Cms2.1

References

FAQ

What is CVE-2007-2731?

CVE-2007-2731 is a vulnerability with a CVSS score of 4.0 (MEDIUM). CRLF injection vulnerability in formmail.php in Jetbox CMS 2.1 might allow remote attackers to inject arbitrary e-mail headers via LF (%0A) sequences in the subject parameter, a related issue to CVE-2...

How severe is CVE-2007-2731?

CVE-2007-2731 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-2731?

Check the references section above for vendor advisories and patch information. Affected products include: Jetbox Jetbox Cms.