CVE-2025-63828 - CERT CVE

  1. CVE-2025-63828

ID CVE-2025-63828
Sažetak Host Header Injection vulnerability in Backdrop CMS 1.32.1 allows attackers to manipulate the Host header in password reset requests, leading to redirects to malicious domains and potential session hijacking via cookie injection.
Reference
CVSS
Base: 0.0
Impact: None
Exploitability:None
Pristup
VektorSloženostAutentikacija
None None None
Impact
PovjerljivostCjelovitostDostupnost
None None None
CVSS vektor None
Zadnje važnije ažuriranje 18-11-2025 - 18:16
Objavljeno 18-11-2025 - 18:16