Added check for malicious mail headers

docs/changelog/5.x.x.txt

@@ -23,6 +23,7 @@
  - Fixed bug [ 838091 ] Read-Only Forum User Cannot Subscribe
  - Fixed bug [ 839524 ] Editing forum settings defaults all template names
  - Fixed bug [ 841194 ] denied post security problem
+ - Added a check for malicious mail headers
  
 
 5.5.0

lib/WebGUI/Mail.pm

@@ -80,6 +80,14 @@ The email address for the BCC line.
 
 sub send {
         my ($smtp, $message, $from, $footer);
+        foreach my $option (\$_[0], \$_[1], \$_[3], \$_[4], \$_[5]) {
+           if(${$option}) {
+                if (${$option} =~ /(?:From|To|Date|X-Mailer|Subject|Received|Message-Id)\s*:/is) {
+                   use WebGUI::ErrorHandler;
+                   return WebGUI::ErrorHandler::security("pass a malicious value to the mail header.");
+                }
+           }
+        }
 	$from = $_[4] || $session{setting}{companyEmail};
 	#header
 	$message = "To: $_[0]\n";