CVE-2021-25980 Information
Jun 07, 2022
cve
Description
In Talkyard versions v0.04.01 through v0.6.74-WIP-63220cb v0.2020.22-WIP-b2e97fe0e through v0.2021.02-WIP-879ef3fe1 and tyse-v0.2021.02-879ef3fe1-regular through tyse-v0.2021.28-af66b6905-regular are vulnerable to Host Header Injection. By luring a victim application-user to click on a link an unauthenticated attacker can use the “forgot password” functionality to reset the victim’s password and successfully take over their account.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Reference
https://github.com/debiki/talkyard/commit/4067e191a909ed06f250d09a40e43aa5edbb0289 https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25980
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
8.8
Share on: