Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
PHPMailer Unvalidated User Input in Configuration Settings
MINI-rfp6-qc7q-4qhx
Summary
A vulnerability in PHPMailer allows an attacker to execute arbitrary code on a website by injecting malicious data into configuration settings. This could potentially lead to unauthorized access or data tampering. Website administrators should ensure they are running the latest version of PHPMailer and review their configuration settings for any suspicious or unvalidated input.
What to do
- Update argocd-3.0 to version 3.0.23-r8.
- Update argocd-3.0-repo-server to version 3.0.23-r8.
- Update argocd-3.0-compat to version 3.0.23-r8.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | argocd-3.0 | <= 3.0.23-r8 | 3.0.23-r8 |
| – | argocd-3.0-repo-server | <= 3.0.23-r8 | 3.0.23-r8 |
| – | argocd-3.0-compat | <= 3.0.23-r8 | 3.0.23-r8 |
Original title
MINI-rfp6-qc7q-4qhx
Published: 5 Apr 2026 · Updated: 5 Apr 2026 · First seen: 5 Apr 2026