The security expert Dawid Golunski from Legal Hackers has reported critical RCE flaws in the popular PHP libraries SwiftMailer, PhpMailer and ZendMail. Similar issues were discovered in other two PHP libraries, SwiftMailing and PhPMailer. Once again millions of websites and web apps are open to cyber attacks. The attack is performed by providing additional quote characters within an address; when unsanitized, they can be interpreted as additional command line arguments, leading to the vulnerability.”]
Source: https://securityaffairs.co/wordpress/55002/hacking/swiftmailer-phpmailer-zendmail-rce.html