Dawid Golunski from LegalHackers discovered that PHP Swift Mailer, a
mailing solution for PHP, did not correctly validate user input. This
allowed a remote attacker to execute arbitrary code by passing
specially formatted email addresses in specific email headers.