CNNVD-202507-710 Information

CNNVD ID

CNNVD-202507-710

Related CVE

CVE-2025-43932

• CNNVD Published: 2025-07-07

Description (Chinese)

JobCenter是NoardGuo个人开发者的一个任务中心应用软件 JobCenter 7e7b0b2及之前版本存在安全漏洞，该漏洞源于未配置SERVER_NAME导致密码重置功能依赖Host HTTP标头，可能导致账户接管。

Description (English)

JobCenter is a mission centre application for NoardGuo personal developers JobCenter 7e7b0b2 and previous versions had a security loophole, which originated from the unconfigured SERVER NAME, resulting in the password replacement function relying on the Host HTTP header, which could lead to the account taking over.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Live Support

Published

2025-07-07

Last Modified

2026-02-24

References

https://github.com/guomaoqiu/JobCenter/blob/7e7b0b2f756d66bba7e592a6c8952c78a3573d9c/app/templates/auth/email/reset_password.txt https://github.com/guomaoqiu/JobCenter/issues/18 https://access.redhat.com/security/cve/cve-2025-43932