Hi,

In message "smtp.sendmail security"
    on 03/07/29, "John W. Long" <ng / johnwlong.com> writes:
|
|We are using the following code to send email messages from an online form
|on our web site:
|
|   Net::SMTP.start('localhost', 25) {|smtp|
|    smtp.sendmail(message, @from, @to)
|   }
|
|The values of @from and @to are taken directly from their cgi.params values
|with basically no modification. Is it possible for someone to exploite this
|as a security vulnerability? Could someone use it to send email to multiple
|addresses?

Check will be added.  Thank you.

							matz.