2 matches found
CVE-2023-36085
The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to...
PT-2023-25424 · Unknown · Sisqualwfm
Name of the Vulnerable Software and Affected Versions: sisqualWFM versions 7.1.319.103 through 7.1.319.111 Description: The issue concerns a host header injection vulnerability in the "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links...