High severity8.8NVD Advisory· Published Sep 26, 2024· Updated Apr 15, 2026
CVE-2024-45982
CVE-2024-45982
Description
A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compromise their accounts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: v0.0.18
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.