e107 v2.3.6 Password Reset HTTP Header Injection Fix

github.com 2026-05-27查看中文 →

Security AdvisoryMediume107

Affected:

e107 v2.3.6 and earlier

Fixed in:

04511f9

Referenced CVEs: CVE-2026-43935 · 8.1

文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive

This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.

More from this source

Budibase Public API Role Unassignment Cache Invalidation Bypass 2026-05-28 CVE-2024-42553: Cinny Access Token Disclosure via Malicious Emoji Pack 2026-05-28 Budibase SSRF Vulnerability: Plugin URL Upload .tar.gz Substring Bypass and Blacklist Bypass 2026-05-28 Unauthenticated Arbitrary File Write in Dalfox Server Mode 2026-05-28 Budibase SSRF Bypass in REST Datasource via HTTP Redirect (PoC) 2026-05-28

Offline Archive

Offline screenshot & PDF are Pro-exclusive