Skip to content

Serendipity has a Host Header Injection allows SMTP header injection via unvalidated HTTP_HOST in Message-ID email header

High severity GitHub Reviewed Published Apr 13, 2026 in s9y/Serendipity • Updated Apr 14, 2026
0 Open 0 Closed
Type
Filter by repository type
All
Public
Private
Internal
Sort
Sort by
Newest
Oldest

No open alerts for this advisory

Give feedback on Dependabot alerts