Security Advisory

CVE-2024-45982

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-26 00:00:00

Last updated 2024-09-26 20:20:33

Assigner mitre

State PUBLISHED

Description

A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users passwords and compromise their accounts.

← Browse all CVEs View on cve.org ↗