Lucene search
PRIOn knowledge basePRION:CVE-2023-36085HistoryOct 25, 2023 - 6:17 p.m.
Design/Logic Flaw
2023-10-2518:17:00
PRIOn knowledge base
www.prio-n.com
3
sisqualwfm
android
host header injection
vulnerability
phishing
malware
unauthorized access
The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its “/sisqualIdentityServer/core/” endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to phishing attacks, malware distribution, and unauthorized access to sensitive resources.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sisqualwfm | ge | 7.1.319.103 | |
| sisqualwfm | lt | 7.1.319.111 |
Related
cvelist
cvelist
CVE-2023-36085
2023-10-24 00:00:00
zdt
zdt
SISQUAL WFM 7.1.319.103 Host Header Injection Vulnerability
2024-02-05 00:00:00
SISQUALWFM 7.1.319.103 - Host Header Injection Vulnerability
2024-02-17 00:00:00
exploitdb
exploitdb
SISQUALWFM 7.1.319.103 - Host Header Injection
2024-02-15 00:00:00
cve
cve
CVE-2023-36085
2023-10-25 18:17:28
nvd
nvd
CVE-2023-36085
2023-10-25 18:17:28
packetstorm
packetstorm
SISQUAL WFM 7.1.319.103 Host Header Injection
2024-02-05 00:00:00