← voltar
CVE-2022-23079

motoradmin - host header Injection in the reset password functionality

EPSS 1.3%CWE-116
In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the password reset functionality where malicious actor can send fake password reset email to arbitrary victim.
Produtos afetados
motor-admin · motor-admin

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/motor-admin/motor-admin/commit/a461b7507940a1fa062836daa89c82404fe3ecf9https://www.mend.io/vulnerability-database/CVE-2022-23079