Type: Security Hotspot Detection
Message: Make sure that this email is sent in a safe manner.
Default Quality Profiles: Sonar way
Irrelevant for Languages: XML
Analysis Scope: Main Sources
SANS Top 25: Insecure Interaction Between Components
Sending emails is security-sensitive. For example, it has led in the past to the following vulnerabilities:
Emails can create multiple vulnerabilities:
- Emails often contain sensitive information which might be exposed to an attacker.
- Injecting dangerous content
Email Header Injection
This is one of the most common attacks.
Email fields such as subject, to, cc, bcc and from are set in email "headers". Each header occupies one line; headers are separated by CR ("carriage return", often written \r) and LF ("line feed", often written \n) characters, normally as the CRLF pair.
If unsanitized input is placed in a header field, the message becomes vulnerable to email header injection. An attacker who includes CR/LF characters in the input can terminate the current header and append fields of their own (for example extra recipients), or end the header block entirely and modify the message body.
For example, providing the following value to the From field
would result in injecting two additional fields (CC and BCC):
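The following is an added example, not code from the rule page: it builds a message the vulnerable way (string concatenation of user input into header lines) and the hardened way (an explicit CR/LF check followed by `email.message.EmailMessage`, whose default policy itself refuses multi-line header values). The `From` value and the addresses are constructed sample input; nothing is sent over the network.

```python
"""Email header injection: a vulnerable message builder beside a hardened one.

Added example for illustration; the addresses below are constructed input.
"""
import re
from email.message import EmailMessage
from email.policy import default as default_policy

# Constructed attacker input for the From field. The CRLF sequences end the
# From header and smuggle two extra headers (Cc and Bcc) into the message.
MALICIOUS_FROM = (
    "alice@example.com\r\n"
    "Cc: victim1@example.com\r\n"
    "Bcc: victim2@example.com"
)


def build_message_vulnerable(sender, recipient, subject, body):
    """Assemble the raw RFC 5322 message by string concatenation.

    User input is interpolated straight into header lines, so any CR/LF it
    contains is emitted verbatim and is parsed as additional headers.
    """
    headers = [
        f"From: {sender}",
        f"To: {recipient}",
        f"Subject: {subject}",
        "Content-Type: text/plain; charset=utf-8",
    ]
    return "\r\n".join(headers) + "\r\n\r\n" + body


def parse_headers(raw):
    """Split the header block of a raw message into (name, value) pairs.

    This mimics what a receiving MTA sees, to make the injected fields visible.
    """
    head = raw.split("\r\n\r\n", 1)[0]
    return [tuple(line.split(": ", 1)) for line in head.split("\r\n")]


_CR_OR_LF = re.compile(r"[\r\n]")


def is_safe_header_value(value):
    """True when the value cannot start a new header line."""
    return _CR_OR_LF.search(value) is None


def library_rejects_crlf(value):
    """Show the library-level defence on its own: EmailMessage's default
    policy raises ValueError for a header value spanning more than one line."""
    msg = EmailMessage()
    try:
        msg["Subject"] = value
    except ValueError:
        return True
    return False


def build_message_hardened(sender, recipient, subject, body):
    """Reject CR/LF per field, then let EmailMessage encode the headers.

    The explicit check reports which field was tampered with; EmailMessage
    with the default policy is the second line of defence and never emits a
    raw newline inside a header.
    """
    for field, value in (("From", sender), ("To", recipient), ("Subject", subject)):
        if not is_safe_header_value(value):
            raise ValueError(f"CR/LF not allowed in {field} header")
    msg = EmailMessage(policy=default_policy)
    msg["From"] = sender
    msg["To"] = recipient
    msg["Subject"] = subject
    msg.set_content(body)
    return msg


if __name__ == "__main__":
    raw = build_message_vulnerable(MALICIOUS_FROM, "bob@example.com", "Hi", "body")
    print("vulnerable builder produced headers:", [n for n, _ in parse_headers(raw)])
    try:
        build_message_hardened(MALICIOUS_FROM, "bob@example.com", "Hi", "body")
    except ValueError as exc:
        print("hardened builder refused:", exc)
```

Run it as a script to see the vulnerable builder emit `Cc` and `Bcc` headers that the caller never set, while the hardened builder raises before any message exists. The same check belongs on every header taken from a request, including the recipient list and the subject.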
This rule raises an issue when an API that sends emails is called. Ask yourself whether:
- Email headers are provided by users and are not sanitized.
- Email content contains data provided by users and it is not sanitized.
- The email is not sent using a strong protocol.
You are at risk if you answered yes to any of those questions.
- Use an email library which sanitizes headers.
- Sanitize every piece of data sent via emails, especially when the mime type is html.
- Use a strong protocol to send your emails, i.e. TLS with certificate verification (SMTPS on port 465, or STARTTLS on the submission port 587 with no fallback to plaintext); SSL and early TLS versions are deprecated and should not be accepted.
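The following is an added example, not code from the rule page, showing the weak transport setting beside the corrected one with Python's `smtplib` and `ssl`. The host name and credentials are placeholders; the two `send_*` functions are defined but not called, so the block runs offline.

```python
"""Sending mail over TLS: a weak SSL context beside a verified one.

Added example. SMTP_HOST is a placeholder; the send functions are not
invoked here so that the block runs without network access.
"""
import smtplib
import ssl

SMTP_HOST = "smtp.example.com"  # placeholder, assumed


def weak_tls_context():
    """Insecure: hostname and certificate checks are switched off, so an
    on-path attacker can present any certificate and read the traffic."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def strong_tls_context():
    """Verify the certificate chain and hostname and refuse TLS < 1.2."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_is_acceptable(ctx):
    """Policy check a reviewer can run on any context before it is used."""
    return bool(
        ctx.check_hostname
        and ctx.verify_mode == ssl.CERT_REQUIRED
        and ctx.minimum_version >= ssl.TLSVersion.TLSv1_2
    )


def send_implicit_tls(msg, host=SMTP_HOST, port=465, ctx=None):
    """SMTPS: the connection is TLS from the first byte."""
    ctx = ctx or strong_tls_context()
    with smtplib.SMTP_SSL(host, port, context=ctx) as smtp:
        smtp.send_message(msg)


def send_starttls(msg, host=SMTP_HOST, port=587, ctx=None):
    """Submission port with STARTTLS. starttls() raises if the server refuses
    the upgrade, so the message is never sent in the clear."""
    ctx = ctx or strong_tls_context()
    with smtplib.SMTP(host, port) as smtp:
        smtp.ehlo()
        smtp.starttls(context=ctx)
        smtp.ehlo()
        smtp.send_message(msg)


if __name__ == "__main__":
    print("weak context acceptable:", context_is_acceptable(weak_tls_context()))
    print("strong context acceptable:", context_is_acceptable(strong_tls_context()))
```

`ssl.create_default_context()` already enables hostname checking and `CERT_REQUIRED`; the common mistake is turning them off to silence a certificate error, which is what `weak_tls_context` does and what `context_is_acceptable` is meant to catch.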