magento · slavvka · Jan 17, 2017 · Jan 17, 2017
diff --git a/library/Zend/Mail/Transport/Sendmail.php b/library/Zend/Mail/Transport/Sendmail.php
@@ -194,6 +194,18 @@ protected function _prepareHeaders($headers)
             unset($headers['Subject']);
         }
 
+        // Sanitize the From header
+        if (isset($headers['From'])) {
+            $addressList = array_filter($headers['From'], function($key) {
+                return $key !== 'append';
+            }, ARRAY_FILTER_USE_KEY);
+            foreach ($addressList as $address) {
+                if (preg_match('/\\\"/', $address)) {
+                    throw new Zend_Mail_Transport_Exception('Potential code injection in From header');
+                }
+            }
+        }
+
         // Prepare headers
         parent::_prepareHeaders($headers);