Vulnerabilities > CVE-2021-30185 - Unspecified vulnerability in Cern Indico

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
cern

Summary

CERN Indico before 2.3.4 can use an attacker-supplied Host header in a password reset link.