|
Description:
A host header injection vulnerability has been discovered in SecZetta's NEProfile product. Authenticated remote adversaries can poison the host header resulting in the attacker controlling response 302 execution flow. The issue affects version 3.3.11 and has not been tested on other versions of the product. Nice work, Bryan. More to follow! https://seclists.org/fulldisclosure/2020/Aug/17
0 Comments
Leave a Reply. |
Archives
September 2021
Categories
All
|
RSS Feed
|
Pathfynder 2021 | All Rights Reserved
|