Security Advisory

CVE-2023-53958

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-19 21:05:52

Last updated 2026-04-07 14:08:12

Assigner VulnCheck

State PUBLISHED

Description

LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows attackers to manipulate HTTP Host headers during token generation. Attackers can craft malicious password reset requests that generate tokens sent to a controlled server, enabling potential account takeover by intercepting and using stolen reset tokens.

← Browse all CVEs View on cve.org ↗