# Email Header Injection

- ID: python-email-injection
- Severity: HIGH
- CWE: CWE-93
- Languages: Python

## Description

Detects user input used in email headers without newline sanitization.

## Remediation

Remove newlines from email headers before use.

```python
safe_subject = subject.replace('\r', '').replace('\n', '')
```

Learn more: https://shoulder.dev/learn/python/cwe-93/email-injection

## Related Rules

- **Email Header Injection** [HIGH]
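What the missing sanitization allows and what the remediation above changes, as an added example that is not part of the rule's own documentation. The addresses, the sample subject and all function names are constructed for illustration.

```python
from email import message_from_string
from email.message import EmailMessage

# Constructed sample input: a "subject" form field carrying CRLF plus an extra header.
TAINTED_SUBJECT = "Hello\r\nBcc: outsider@example.org"


def build_unsafe(subject: str) -> str:
    """Pattern the rule flags: user input concatenated into a raw header block."""
    return (
        "From: app@example.com\r\n"
        "To: user@example.com\r\n"
        f"Subject: {subject}\r\n"
        "\r\n"
        "Body text\r\n"
    )


def strip_newlines(value: str) -> str:
    """The page's remediation: drop CR and LF before the value reaches a header."""
    return value.replace("\r", "").replace("\n", "")


def header_names(raw: str) -> list:
    """Parse a raw message the way a mail server would and list its header names."""
    return [name for name, _ in message_from_string(raw).items()]


def rejects_raw_newline(subject: str) -> bool:
    """EmailMessage's default policy refuses header values with embedded line breaks."""
    try:
        EmailMessage()["Subject"] = subject
    except ValueError:
        return True
    return False


def build_safe(subject: str) -> EmailMessage:
    """Sanitize first, then let the email package format the headers."""
    msg = EmailMessage()
    msg["From"] = "app@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = strip_newlines(subject)
    msg.set_content("Body text")
    return msg


if __name__ == "__main__":
    print("unsafe headers:", header_names(build_unsafe(TAINTED_SUBJECT)))
    print("safe headers:  ", build_safe(TAINTED_SUBJECT).keys())
```

Stripping the line breaks keeps the whole value inside `Subject`, and building the message with `EmailMessage` adds a second check because it raises `ValueError` if a multi-line value ever reaches a header unsanitized.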