testing-for-email-header-injection
mukul975/Anthropic-Cybersecurity-Skills
This guide details how to test web applications and APIs that send email for email header injection vulnerabilities. It covers techniques such as CRLF injection used to manipulate email headers (e.g., adding unauthorized CC/BCC fields, modifying the sender 'From' address, or overriding the content type). Use cases include auditing contact forms, password reset features, and general email endpoints to prevent spam relay, spoofing, and data interception.