Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Host Header Injection in HotelRunner's B2B
Vulnerability Description
Improper Validation of Certificate with Host Mismatch vulnerability in HotelRunner B2B allows HTTP Response Splitting.This issue affects B2B: before 04.06.2025.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
对宿主不匹配的证书验证不恰当
Vulnerability Title
HotelRunner B2B 安全漏洞
Vulnerability Description
HotelRunner B2B是土耳其HotelRunner公司的一个为酒店行业提供业务管理与合作的软件工具。 HotelRunner B2B 04.06.2025之前版本存在安全漏洞,该漏洞源于证书主机不匹配验证不当,可能导致HTTP响应拆分。
CVSS Information
N/A
Vulnerability Type
N/A