← All advisoriesUnrated severityOSV Advisory· Published Dec 20, 2018· Updated Aug 5, 2024CVE-2018-16627CVE-2018-16627Descriptionpanel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.Affected products2Getkirby/PanelOSVRange: 2.0.0, 2.0.2, 2.0.3, …Getkirby/Kirbyllm-fuzzyRange: = 2.5.12PatchesVulnerability mechanicsNews mentions0No linked articles in our index yet.