CVE-2022-23079

In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the password reset functionality where malicious…

Mend·CWE-116·Published 2022-06-22

CVSS

—

EPSS

0.01

KEV

Exploits

cve.orgen

198 chars

In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the password reset functionality where malicious actor can send fake password reset email to arbitrary victim.

NVDen

198 chars

In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the password reset functionality where malicious actor can send fake password reset email to arbitrary victim.

NVDes

258 chars

En motor-admin versiones 0.0.1 hasta 0.2.56, son vulnerables a una inyección de encabezado de host en la funcionalidad password reset donde un actor malicioso puede enviar un correo electrónico falso de restablecimiento de contraseña a una víctima arbitraria

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P