Lucene search
+L

CVE-2024-23648

🗓️ 05 Feb 2025 07:39:35Reported by redhat.comType 
redhatcve
 redhatcve
🔗 access.redhat.com👁 9 Views

Vulnerability in Pimcore Admin allows password reset via crafted URL exploiting Host header until version 1.2.3.

Related
Refs
ReporterTitlePublishedViews
Family
circl
CVE-2024-23648
24 Jan 202419:26
circl
cnnvd
Pimcore Injection Vulnerability
24 Jan 202400:00
cnnvd
cve
CVE-2024-23648
24 Jan 202418:05
cve
cvelist
CVE-2024-23648 Pimcore Admin Classic Bundle host header injection in the password reset
24 Jan 202418:05
cvelist
euvd
EUVD-2024-0388
3 Oct 202520:07
euvd
github
Host header injection in the password reset
24 Jan 202420:54
github
nvd
CVE-2024-23648
24 Jan 202418:15
nvd
osv
CVE-2024-23648 Pimcore Admin Classic Bundle host header injection in the password reset
24 Jan 202418:05
osv
osv
GHSA-MRQG-MWH7-Q94J Host header injection in the password reset
24 Jan 202420:54
osv
prion
Default credentials
24 Jan 202418:15
prion
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

03 Oct 2025 16:31Current
6.7Medium risk
Vulners AI Score6.7
CVSS 3.18.8
EPSS0.00827
9