MSA-17-0003: PHPMailer vulnerability in no-reply address
by Marina Glancy.
|Description:||Security vulnerability was reported against PHPMailer, third party library used by Moodle. As a result Moodle improved validation of no-reply address (that can only be configured by admin), all other fields were already properly sanitized. This issue only affect sites that leave $CFG->smtphosts empty.|