CVE-2023-36085

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to phishing attacks, malware distribution, and unauthorized access to sensitive resources.

Vendor	n/a
Product	n/a
Published	Oct 24, 2023
Last Updated	Aug 2, 2024

Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new unknown vulnerabilities affecting n/a n/a are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/omershaik0/Handmade_Exploits/tree/main/SISQUALWFM-Host-Header-Injection-CVE-2023-36085 packetstormsecurity.com: http://packetstormsecurity.com/files/176991/SISQUAL-WFM-7.1.319.103-Host-Header-Injection.html