2025-02-27 00:00:00
mitre
PUBLISHED
A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victims browser.