The web interface for subscribing new users in Lyris ListManager 5.0 through 8.8b, in combination with a line wrap feature, allows remote attackers to execute arbitrary list administration commands via LFCR (%0A%0D) sequences in the pw parameter. NOTE: it is not clear whether this is a variant of a CRLF injection vulnerability.
Software | From | Fixed in |
---|---|---|
lyris_technologies_inc / listmanager | 5.0 | 5.0.x |
lyris_technologies_inc / listmanager | 6.0 | 6.0.x |
lyris_technologies_inc / listmanager | 7.0 | 7.0.x |
lyris_technologies_inc / listmanager | 8.0 | 8.0.x |
lyris_technologies_inc / listmanager | 8.8a | 8.8a.x |