5 matches found
CVE-2021-25980
In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, are vulnerable to Host Header Injection. By luring a victim application-user to click on a link, a...
CVE-2021-25980
creationtimestamp| type| source ---|---|--- 2021-11-11 12:37:20+00:00| seen| https://t.me/cibsecurity/32235...
CVE-2021-25980
CVE-2021-25980 describes a Host Header Injection vulnerability in Talkyard. Affected versions include v0.04.01–v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e–v0.2021.02-WIP-879ef3fe1, and tyse-v0.2021.02–tyse-v0.2021.28-af66b6905-regular. An unauthenticated attacker can lure a user to click a link...
CVE-2021-25980 Talkyard - Host-Header Injection Leads to Account Takeover
In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, are vulnerable to Host Header Injection. By luring a victim application-user to click on a link, a...
CVE-2021-25980 Talkyard - Host-Header Injection Leads to Account Takeover
In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular, are vulnerable to Host Header Injection. By luring a victim application-user to click on a link, a...