| Title | BootDo web V1.0 Host header injection |
|---|---|
| Description | I found a "host header injection" vulnerability in the AccessControlFilter.java file. The AccessControlFilter.java file is located in the Shiro permission validation component of the project. It used a method called redirectToLogin that invoked the WebUtils.issueRedirect vulnerability, which set the hostname of the request to the host by default. |
| Source | ⚠️ https://github.com/webzzaa/CVE-/issues/5 |
| User | Tom132432 (UID 85670) |
| Submission | 11/01/2026 10:35 AM (6 months ago) |
| Moderation | 24/01/2026 08:20 PM (13 days later) |
| Status | Accepted |
| VulDB entry | 342794 [lcg0124 BootDo up to 5ccd963c74058036b466e038cff37de4056c1600 Host Header AccessControlFilter.java redirectToLogin hostname Redirect] |
| Points | 18 |