CVE-2024-42915 - Apache Staff Appraisal System Host Header Injection Vulnerability
<strong>CVE ID : </strong>CVE-2024-42915
<br>
<strong>Published : </strong> Aug. 23, 2024, 3:15 p.m. | 2 hours, 8 minutes ago
<br>
<strong>Description : </strong>A host header injection vulnerability in Staff Appraisal System v1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This will allow attackers to arbitrarily reset other users' passwords and compromise their accounts.
<br>
<strong>Severity:</strong> 0.0 | NA
<br>
Visit the link for more details, such as CVSS details, affected products, timeline, and more...