Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.19 views

PT-2026-45786

Name of the Vulnerable Software and Affected Versions mint versions 0.1.0 through 1.8.x Description An inconsistent interpretation of HTTP requests, known as HTTP Request/Response Smuggling, allows attacker-controlled HTTP/1 servers to desynchronize response framing on shared connections. The iss...

6.3CVSS5.9AI score0.00301EPSS
Exploits0References13
Snyk
Snyk
added 2025/10/29 6:45 p.m.3 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via manipulation of the Forwarded or X-Forwarded-Host headers used to construct password reset confirmation links. An attacker can gain unauthorized access to user accounts by tricking users into clicking a password reset...

8.8CVSS7AI score0.00345EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/29 6:45 p.m.2 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via manipulation of the Forwarded or X-Forwarded-Host headers used to construct password reset confirmation links. An attacker can gain unauthorized access to user accounts by tricking users into clicking a password reset...

8.8CVSS7AI score0.00345EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/29 6:45 p.m.7 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via manipulation of the Forwarded or X-Forwarded-Host headers used to construct password reset confirmation links. An attacker can gain unauthorized access to user accounts by tricking users into clicking a password reset...

8.8CVSS7AI score0.00345EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2023/11/29 9:32 p.m.16 views

ZITADEL Account Takeover via Malicious Host Header Injection

Impact ZITADEL uses the notification triggering requests Forwarded or X-Forwarded-Host header to build the button link sent in emails for confirming a password reset with the emailed code. If this header is overwritten and a user clicks the link to a malicious site in the email, the secret code c...

8.8CVSS7.2AI score0.00767EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder