Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A host header injection vulnerability in Staff Appraisal System v1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This will allow attackers to arbitrarily reset other users' passwords and compromise their accounts.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Staff Appraisal System 安全漏洞
Vulnerability Description
Staff Appraisal System是Debashish Choudhury个人开发者的一个员工考核系统。 Staff Appraisal System v1.0版本存在安全漏洞,该漏洞源于存在主机标头注入漏洞,攻击者可通过用户与精心设计的密码重置链接交互来获取密码重置令牌,可以任意重置其他用户的密码并窃取他们的帐户。
CVSS Information
N/A
Vulnerability Type
N/A