Unrated severityNVD Advisory· Published Aug 16, 2021· Updated Aug 4, 2024
CVE-2021-38751
CVE-2021-38751
Description
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM.
Affected products
2- ExponentCMS/ExponentCMSdescription
- Range: <=2.6
Patches
Vulnerability mechanics
References
1- github.com/exponentcms/exponent-cms/issues/1544mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.