Arbitrary code execution via a crafted email address

PKSA-4wqt-t43g-k7x7 CVE-2017-15806

Affected version: <1.8.2

Reported by:
FriendsOfPHP/security-advisories