Description
If someone sends a "subscribe" request email from an email address that does not correspond to a CiviCRM contact, the SOAP server responds with an HTML "error" page, not with a SOAP error message. This generates an error in the SOAP client, which is expecting an XML response.
The <body> of the HTML page served back is:
<body>
<div id="crm-container" lang="en" xml:lang="en">
<div class="messages status">
<dl>
<dt><img src="http://www.xxxx.com//modules/civicrm/i/Error.gif" alt="unrecoverable error" /></dt>
<dd>
Sorry. A non-recoverable error has occurred. <p> is not of the type Integer</p>
<p><a href="http://www.xxxx.com/" title="Main Menu">Return to CiviCRM menu.</a></p>
</dd>
</dl>
</div>
</div>
</body>
Note there's also a double slash (//) in the image src URI.
I'm not sure how Amavis handles this error, or if indeed it does at all. This could perhaps crash the mail processor entirely (and therefore be a serious vulnerability). It would be better, I think, for the SOAP server to return a well-formed SOAP response as an error.
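Added example, not part of the original report and not CiviCRM or Amavis code: a client-side check that classifies a reply before treating it as SOAP, so an HTML error page becomes a handled condition instead of an unhandled parse failure. It assumes SOAP 1.1 over `text/xml`; the function name, the Content-Type values and the fault text are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SOAP11_NS = "http://schemas.xmlsoap.org/soap/envelope/"  # assumption: SOAP 1.1

# Constructed sample: a trimmed copy of the HTML error body quoted in the report.
HTML_ERROR = (
    '<body><div id="crm-container" lang="en" xml:lang="en">'
    '<div class="messages status"><dl><dd>'
    'Sorry. A non-recoverable error has occurred. <p> is not of the type Integer</p>'
    '</dd></dl></div></div></body>'
)

# Constructed sample: a well-formed SOAP 1.1 fault for the same condition.
SOAP_FAULT = (
    f'<soap:Envelope xmlns:soap="{SOAP11_NS}"><soap:Body><soap:Fault>'
    '<faultcode>soap:Client</faultcode>'
    '<faultstring>sender is not a known contact</faultstring>'
    '</soap:Fault></soap:Body></soap:Envelope>'
)


def classify_soap_response(content_type: str, body: str):
    """Return (kind, detail); kind is 'ok', 'fault' or 'not_soap'. Never raises on bad input."""
    media_type = content_type.split(";")[0].strip().lower()
    if media_type != "text/xml":
        return ("not_soap", f"unexpected Content-Type {media_type!r}")
    # A SOAP message must not carry a DTD; refusing one also avoids entity expansion.
    if "<!DOCTYPE" in body or "<!ENTITY" in body:
        return ("not_soap", "DTD not allowed in a SOAP message")
    try:
        root = ET.fromstring(body)
    except ET.ParseError as exc:
        return ("not_soap", f"not well-formed XML: {exc}")
    # Well-formedness is not enough: the XHTML error body above parses cleanly as XML.
    if root.tag != f"{{{SOAP11_NS}}}Envelope":
        return ("not_soap", f"root element is {root.tag!r}, not a SOAP Envelope")
    fault = root.find(f"{{{SOAP11_NS}}}Body/{{{SOAP11_NS}}}Fault")
    if fault is not None:
        # faultstring is unqualified in SOAP 1.1
        return ("fault", fault.findtext("faultstring", default=""))
    return ("ok", "")
```

The second check matters for this report: the quoted error body is well-formed XML, so a client that only catches parse errors would accept it and fail later when it looks for the Envelope.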