Email spoofing
None
Vulnerability Details
Email spoofing is possible
To verify:
visit :https://www.kitterman.com/spf/validate.html? and type your domain name to check SPF record
you can see the results as: NO valid SPF record found
POC:
1.visit http://emkei.cz//
2.fill the from email as [email protected]
3.to email as victim email address, enter subject, data and click send
4.you will receive the mail in your inbox
## Impact
email spoofing
Actions
View on HackerOneReport Stats
- Report ID: 1187511
- State: Closed
- Substate: duplicate
- Upvotes: 3