High severity7.5NVD Advisory· Published Dec 19, 2025· Updated Apr 15, 2026
CVE-2023-53958
CVE-2023-53958
Description
LDAP Tool Box Self Service Password 1.5.2 contains a password reset vulnerability that allows attackers to manipulate HTTP Host headers during token generation. Attackers can craft malicious password reset requests that generate tokens sent to a controlled server, enabling potential account takeover by intercepting and using stolen reset tokens.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: =1.5.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.