Security Advisory

CVE-2024-42915

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-23 00:00:00

Last updated 2024-08-23 18:07:55

Assigner mitre

State PUBLISHED

Description

A host header injection vulnerability in Staff Appraisal System v1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This will allow attackers to arbitrarily reset other users passwords and compromise their accounts.

← Browse all CVEs View on cve.org ↗