High severity8.8NVD Advisory· Published Sep 26, 2024· Updated Apr 15, 2026
CVE-2024-45980
CVE-2024-45980
Description
A host header injection vulnerability in MEANStore 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compromise their accounts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.