Medium severity6.1NVD Advisory· Published Oct 25, 2023· Updated Jun 17, 2026
CVE-2023-36085
CVE-2023-36085
Description
The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to phishing attacks, malware distribution, and unauthorized access to sensitive resources.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- sisqualWFM/sisqualWFMdescription
- Range: 7.1.319.103 - 7.1.319.111
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.