Host Header Injection

github.com/zitadel/zitadel is vulnerable to Host Header Injection. The vulnerability is due to improper validation of the Forwarded or X-Forwarded-Host headers when generating password reset links, which allows an attacker to manipulate the link to a malicious domain and capture the reset code,...

Rack::Request accepts invalid Host characters, enabling host allowlist bypass

Summary Rack::Request parses the Host header using an AUTHORITY regular expression that accepts characters not permitted in RFC-compliant hostnames, including /, ?, , and @. Because req.host returns the full parsed value, applications that validate hosts using naive prefix or suffix checks can be...

EUVD-2026-18478

Rack::Request accepts invalid Host characters, enabling host allowlist bypass...

GHSA-H7VR-CG25-JF8C StudioCMS: IDOR — Admin-to-Owner Account Takeover via Password Reset Link Generation

Summary The POST /studiocmsapi/dashboard/create-reset-link endpoint allows any authenticated user with admin privileges to generate a password reset token for any other user, including the owner account. The handler verifies that the caller is an admin but does not enforce role hierarchy, nor doe...

CVE-2025-62516

Landlord Onboarding & Rental Signup introduces the landlord onboarding workflow and rental signup system for VivaTurbo Rentals & Property Services. In 2.0.0 and earlier, a vulnerability was identified in the TurboTenant property listing activation workflow that could allow unauthorized access to...

CVE-2025-62516

CVE-2025-62516 entry rejected; not an active vulnerability.

CVE-2025-62516 Landlord Onboarding & Rental Signup Unauthorized Access Vulnerability in TurboTenant Stripe Integration

Landlord Onboarding & Rental Signup introduces the landlord onboarding workflow and rental signup system for VivaTurbo Rentals & Property Services. In 2.0.0 and earlier, a vulnerability was identified in the TurboTenant property listing activation workflow that could allow unauthorized access to...

EUVD-2025-36366

Landlord Onboarding & Rental Signup introduces the landlord onboarding workflow and rental signup system for VivaTurbo Rentals & Property Services. In 2.0.0 and earlier, a vulnerability was identified in the TurboTenant property listing activation workflow that could allow unauthorized access to...

CVE-2025-31122 scratch-coding-hut.github.io Login Links Generation vulnerability

scratch-coding-hut.github.io is the website for Coding Hut. In 1.0-beta3 and earlier, the login link can be used to login to any account by changing the username in the username field...

GHSA-R57H-547H-W24F PhpSpreadsheet allows bypassing of XSS sanitizer using the javascript protocol and special characters

Product: PhpSpreadsheet Version: 3.8.0 CWE-ID: CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CVSS vector v.3.1: 5.4 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS vector v.4.0: 4.8 AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N Description: an attack...

BIT-GITLAB-2024-1493 Uncontrolled Resource Consumption in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, with the processing logic for generating link in dependency files can lead to a regular expression DoS attack on the serve...

UBUNTU-CVE-2024-1493

An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, with the processing logic for generating link in dependency files can lead to a regular expression DoS attack on the serve...

CVE-2024-1493 Uncontrolled Resource Consumption in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, with the processing logic for generating link in dependency files can lead to a regular expression DoS attack on the serve...

CVE-2024-1493

CVE-2024-1493 concerns GitLab CE/EE where the dependency-file link generation logic can trigger a regular-expression DoS on the server. Affected versions are: GitLab 9.2–16.11.4, 17.0.x before 17.0.3, and 17.1.x before 17.1.1. The issue is rooted in how dependency links are generated, leading to ...

PT-2024-2098 · Jetbrains · Teamcity

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2023.11.4 Description: The issue is related to improper authorization of presigned URL generation requests in the S3 Artifact Storage plugin. This could allow a remote attacker to bypass existing security...

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect through the X-Forwarded-Host header. If the value of the header is prefixed with a invalid domain character for example a /, it is always accepted as the actual host of that request. Since this host is used for all url...

Description of the security update for SharePoint Server 2019: June 8, 2021 (KB5001944)

Description of the security update for SharePoint Server 2019: June 8, 2021 KB5001944 Summary This security update resolves a Microsoft SharePoint remote code execution vulnerability, SharePoint spoofing vulnerability, SharePoint Server remote code execution vulnerability, and SharePoint Server...

PYSEC-2014-15

Cross-site scripting XSS vulnerability in the history display in Roundup before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via a username, related to generating a link...