2 matches found
CVE-2023-38877
creationtimestamp| type| source ---|---|--- 2023-09-28 07:46:41+00:00| seen| https://t.me/cibsecurity/71169...
CVE-2023-38877
Economizzer (gugoan) v0.9-beta1 and commit 3730880 are affected by a host header injection vulnerability in the password reset flow. The issue allows an attacker-controlled server to receive password reset tokens, enabling the attacker to reset other users’ passwords. Root cause described across ...