Contact Form

Email MIME Injection

The contact endpoint concatenates the form `subject` field into the SMTP `Subject:` header without stripping or rejecting CR/LF sequences, so a value containing `\r\n` terminates the header and injects additional headers such as `Bcc:`.

CWE-93, CWE-150
MIME probe


Expected Findings

  • `subject` field is concatenated into raw SMTP headers.
  • CRLF injection adds `Bcc:` and arbitrary headers.
  • `to`, `from`, and `reply-to` share the same flaw.

Signals

Bug
headers := "Subject: " + req.subject + "\r\nFrom: noreply@..."
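Added example (not code from the target application): the flawed concatenation from the Bug signal beside a version that rejects CR/LF, plus a small header-name walker that surfaces the injected `Bcc:` line. The `example.test` addresses and the payload string are constructed for the demonstration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// ErrHeaderInjection is returned when a user-supplied value contains a line
// break, which would let it end the Subject: header and start new headers.
var ErrHeaderInjection = errors.New("header value contains CR or LF")

// vulnerableHeaders mirrors the flawed concatenation from the finding: the
// subject is pasted into the raw header block unchecked (kept only to show
// what a CRLF payload does to the resulting header block).
func vulnerableHeaders(subject string) string {
	return "Subject: " + subject + "\r\nFrom: noreply@example.test\r\n"
}

// safeHeaders rejects any subject containing a bare CR or LF (RFC 5322 header
// values must not contain them), so the block always stays exactly two lines.
func safeHeaders(subject string) (string, error) {
	if strings.ContainsAny(subject, "\r\n") {
		return "", ErrHeaderInjection
	}
	return "Subject: " + subject + "\r\nFrom: noreply@example.test\r\n", nil
}

// headerNames lists the field names in a raw header block; a name the code
// never wrote (here "Bcc") is the tell-tale of a successful injection.
func headerNames(raw string) []string {
	var names []string
	for _, line := range strings.Split(strings.TrimRight(raw, "\r\n"), "\r\n") {
		if name, _, ok := strings.Cut(line, ":"); ok {
			names = append(names, strings.TrimSpace(name))
		}
	}
	return names
}

func main() {
	payload := "Hello\r\nBcc: hidden@example.test" // constructed sample input
	fmt.Println(headerNames(vulnerableHeaders(payload)))
	if _, err := safeHeaders(payload); err != nil {
		fmt.Println("rejected:", err)
	}
}
```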