{"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000500", "history": [{"lastseen": "2018-01-04T11:52:13", "bulletin": {"href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000500", "history": [], "type": "cve", "bulletinFamily": "NVD", "cvelist": ["CVE-2017-1000500"], "cvss": {"vector": "NONE", "score": 0.0}, "modified": "2018-01-03T10:29:00", "description": "Keycloak SSO versions prior to 2.x are vulnerable to Host Header Injection on the forgot password page causing the application to send a poisoned URL as the password reset link.", "viewCount": 0, "published": "2018-01-03T10:29:00", "edition": 1, "hashmap": [{"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "href", "hash": "d94b634aba0e177cdb094ede5f8dcc4e"}, {"key": "published", "hash": "1b9ebfbc3ac6935e0e22219686ef2039"}, {"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "cvelist", "hash": "90b013083c8659005f94ce4e99ce7ddf"}, {"key": "modified", "hash": "1b9ebfbc3ac6935e0e22219686ef2039"}, {"key": "title", "hash": "0ffcccc7c1f34565e44ab828f1130075"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}, {"key": "description", "hash": "6869d96cbd6df83b23dbd923e43d81c9"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "references", "hash": "47e5dd26fd4ac911d07b8ba23296e0fe"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}], "id": "CVE-2017-1000500", "references": ["https://github.com/keycloak/keycloak-documentation/pull/268/commits/a2b58aadee42af2c375b72e86dffc2cf23cc3770"], "hash": "387565e7b84fa0b5d6c5da8f0fe86a7644d4dd1f6a9f730f3240e89fcdde9340", "enchantments": {"score": {"value": 3.2, "modified": "2018-01-04T11:52:13"}}, "lastseen": "2018-01-04T11:52:13", "reporter": "NVD", "assessment": {"href": "", "name": "", "system": ""}, "cpe": [], "title": "CVE-2017-1000500", "objectVersion": "1.3", "scanner": []}, "differentElements": ["cvss", "modified", "cpe"], "edition": 1}], "bulletinFamily": "NVD", "modified": "2018-01-26T08:38:02", "title": "CVE-2017-1000500", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/", "score": 5.0}, "cvelist": ["CVE-2017-1000500"], "description": "Keycloak SSO versions prior to 2.x are vulnerable to Host Header Injection on the forgot password page causing the application to send a poisoned URL as the password reset link.", "viewCount": 1, "published": "2018-01-03T10:29:00", "edition": 2, "hash": "d99599d678f3312f8539562e02d121af3cefc0e9665b43155a6bf404b768afc2", "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "e71b43aaf95248a112e1c2c74ff8f24f"}, {"key": "cvelist", "hash": "90b013083c8659005f94ce4e99ce7ddf"}, {"key": "cvss", "hash": "26769fd423968d45be7383413e2552f1"}, {"key": "description", "hash": "6869d96cbd6df83b23dbd923e43d81c9"}, {"key": "href", "hash": "d94b634aba0e177cdb094ede5f8dcc4e"}, {"key": "modified", "hash": "17a73e4a04d871133ff5514440535df4"}, {"key": "published", "hash": "1b9ebfbc3ac6935e0e22219686ef2039"}, {"key": "references", "hash": "47e5dd26fd4ac911d07b8ba23296e0fe"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "0ffcccc7c1f34565e44ab828f1130075"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "id": "CVE-2017-1000500", "scanner": [], "type": "cve", "lastseen": "2018-01-27T11:33:12", "reporter": "NVD", "assessment": {"href": "", "name": "", "system": ""}, "cpe": ["cpe:/a:redhat:mobile_application_platform:4.0", "cpe:/a:redhat:single_sign_on:7.0"], "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "references": ["https://github.com/keycloak/keycloak-documentation/pull/268/commits/a2b58aadee42af2c375b72e86dffc2cf23cc3770"]}

{}