2 matches found
CVE-2022-23064
creationtimestamp| type| source ---|---|--- 2022-05-02 16:27:48+00:00| seen| https://t.me/cibsecurity/41714 2022-05-06 16:38:12+00:00| seen| https://t.me/itsecnews/625...
CVE-2022-23064
Snipe-IT (versions v3.0-alpha to v5.3.7) is affected by a Host Header Injection vulnerability. A specially crafted Host header in the reset password request can cause password reset links to be sent to an attacker-controlled server, enabling leakage of password reset tokens and potentially result...