CVE-2022-23079
N/A
N/A
Summary
In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the password reset functionality where malicious actor can send fake password reset email to arbitrary victim.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| motor-admin | motor-admin | 0.0.1 < unspecified | affected |
| motor-admin | motor-admin | unspecified <= 0.2.56 | affected |
Weaknesses
- CWE-116: CWE-116 Improper Encoding or Escaping of Output
ADP Enrichment
CVE Program Container
Additional References
- https://www.mend.io/vulnerability-database/CVE-2022-23079
- https://github.com/motor-admin/motor-admin/commit/a461b7507940a1fa062836daa89c82404fe3ecf9
References
- https://www.mend.io/vulnerability-database/CVE-2022-23079
- https://github.com/motor-admin/motor-admin/commit/a461b7507940a1fa062836daa89c82404fe3ecf9
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.