Email spoofing
None
S
Sifchain
Submitted None
Actions:
Reported by
tmsm
Vulnerability Details
Technical details and impact analysis
Email spoofing is possible
To verify:
visit :https://www.kitterman.com/spf/validate.html? and type your domain name to check SPF record
you can see the results as: NO valid SPF record found
POC:
1.visit http://emkei.cz//
2.fill the from email as [email protected]
3.to email as victim email address, enter subject, data and click send
4.you will receive the mail in your inbox
## Impact
email spoofing
Report Details
Additional information and metadata
State
Closed
Substate
Duplicate
Submitted
Weakness
Improper Authentication - Generic