- Forum
- jDBexport
- Product announcements
- jDBexport NOT vulnerable to CVE-2016-10033 (third-party library PHPMailer)
jDBexport NOT vulnerable to CVE-2016-10033 (third-party library PHPMailer)
29 Dec 2016 10:04 #1
by Rüdiger Schultz
Ruediger Schultz
Schultz IT Solutions
Please support jDBexport on JOOMLA Extension directory (JED) at
extensions.joomla.org/extensions/extensi...ta-reports/jdbexport
jDBexport NOT vulnerable to CVE-2016-10033 (third-party library PHPMailer) was created by Rüdiger Schultz
Dear jDBexport users,
This message is to confirm that jDBexport is NOT vulnerable to the critical PHPMailer security issue CVE-2016-10033
We are using the the JMail class to create the emails (sending workbooks from the frontend or the scheduler), and JOOMLA JSST has determined that through correct use of the JMail class, there are additional validations in place which make executing this vulnerability impractical within the Joomla environment.
see their respective security advisory at developer.joomla.org/security-centre/668...%21+Security+News%29
However due to the severity of this vulnerability and the wide usage of PHPMailer class, you might wish to clarify this for other implementations of the PHPMailer class in your environment as well.
Let me also use this opportunity to wish all of you a successful 2017
Ruediger Schultz
Schultz IT Solutions
This message is to confirm that jDBexport is NOT vulnerable to the critical PHPMailer security issue CVE-2016-10033
We are using the the JMail class to create the emails (sending workbooks from the frontend or the scheduler), and JOOMLA JSST has determined that through correct use of the JMail class, there are additional validations in place which make executing this vulnerability impractical within the Joomla environment.
see their respective security advisory at developer.joomla.org/security-centre/668...%21+Security+News%29
However due to the severity of this vulnerability and the wide usage of PHPMailer class, you might wish to clarify this for other implementations of the PHPMailer class in your environment as well.
Let me also use this opportunity to wish all of you a successful 2017
Ruediger Schultz
Schultz IT Solutions
Ruediger Schultz
Schultz IT Solutions
Please support jDBexport on JOOMLA Extension directory (JED) at
extensions.joomla.org/extensions/extensi...ta-reports/jdbexport
The topic has been locked.