Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:35018
HistoryApr 08, 2022 - 7:54 a.m.

Host Header Injection

2022-04-0807:54:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
remdex livehelperchat host header injection password reset vulnerability malicious attacker user account

EPSS

0.002

Percentile

56.5%

JSON

remdex/livehelperchat is vulnerable to host header injection. The library does not properly validate the URL for password reset which allows a malicious attacker to generate a fake password link and take over the user account

Related

cvelist 1
prion 1
huntr 1
osv 2
cve 1
cnvd 1
nvd 1
cvelist
cvelist
CVE-2022-0935 Host Header injection in password Reset in livehelperchat/livehelperchat
2022-04-07 18:21:42
prion
prion
Design/Logic Flaw
2022-04-07 19:15:00
huntr
huntr
Host Header injection in password Reset
2022-03-11 16:05:20
osv
osv
BIT-livehelperchat-2022-0935
2024-03-06 10:56:15
CVE-2022-0935
2022-04-07 19:15:08
cve
cve
CVE-2022-0935
2022-04-07 19:15:08
cnvd
cnvd
An unspecified vulnerability exists in livehelperchat (CNVD-2022-55057)
2022-04-11 00:00:00
nvd
nvd
CVE-2022-0935
2022-04-07 19:15:08

EPSS

0.002

Percentile

56.5%

JSON
Related for VERACODE:35018
cvelist1prion1huntr1osv2cve1cnvd1nvd1