25 Oct 2023
Vulnérabilité CVE-2023-36085 CVE Vulnerability
The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to phishing attacks, malware distribution, and unauthorized access to sensitive resources. (CVSS:0.0) (Last Update:2023-10-25 18:17:28)
Vulnerability Details :
The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to phishing attacks, malware distribution, and unauthorized access to sensitive resources.
Vulnerability category:Bypass
Exploit prediction scoring system (EPSS) score for CVE-2023-36085
We don't have an EPSS score for this CVE yet EPSS FAQ