Design/Logic Flaw

2018-02-1203:29:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON

An issue was discovered in Typesetter 5.1. It suffers from a Host header injection vulnerability, Using this attack, a malicious user can poison the web cache or perform advanced password reset attacks or even trigger arbitrary user re-direction.

CPENameOperatorVersion
typesettereq5.1

CPE	Name	Operator	Version
	typesetter	eq	5.1

References

securitywarrior9.blogspot.in/2018/02/host-header-injection-type-setter-cms-51.html

www.exploit-db.com/exploits/44028/