RSS   Vulnerabilities for 'Exponentcms'   RSS

2021-08-16
 
CVE-2021-38751

CWE-116
 

 
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM.

 

 >>> Vendor: Exponentcms 2 Products
Exponent cms
Exponentcms


Copyright 2024, cxsecurity.com

 

Back to Top