Just noticed that the current MARTI allows the client to pass a custom subject for the mail being sent.
Of course we should limit it to a fixed amount of chars so this feature can't be abused to send spam.
Also user input should probably get escaped, just to be sure.
Just noticed that the current MARTI allows the client to pass a custom subject for the mail being sent. Of course we should limit it to a fixed amount of chars so this feature can't be abused to send spam. Also user input should probably get escaped, just to be sure.