Invia #736271: BootDo web V1.0 Host header injectioninformazioni

TitoloBootDo web V1.0 Host header injection
DescrizioneI found a "host header injection" vulnerability in the AccessControlFilter.java file. The AccessControlFilter.java file is located in the shrio permission validation component of the project. He used a method called redirectToLogin that invoked the WebUtils.issueRedirect vulnerability, which set the hostname of the request to the host by default
Fonte⚠️ https://github.com/webzzaa/CVE-/issues/5
Utente
 Tom132432 (UID 85670)
Sottomissione11/01/2026 10:35 (6 mesi fa)
Moderazione24/01/2026 20:20 (13 days later)
StatoAccettato
Voce VulDB342794 [lcg0124 BootDo fino a 5ccd963c74058036b466e038cff37de4056c1600 Host Header AccessControlFilter.java redirectToLogin Nome host Redirect]
Punti18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!