Security Advisory

CVE-2024-42903

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-03 00:00:00

Last updated 2025-03-13 20:30:26

Assigner mitre

State PUBLISHED

Description

A Host header injection vulnerability in the password reset function of LimeSurvey v.6.6.1+240806 and before allows attackers to send users a crafted password reset link that will direct victims to a malicious domain.

← Browse all CVEs View on cve.org ↗