| Summary | A host header injection vulnerability in Staff Appraisal System v1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This will allow attackers to arbitrarily reset other users' passwords and compromise their accounts. |
|---|---|
| Publication Date | Aug. 24, 2024, 12:15 a.m. |
| Registration Date | Aug. 26, 2024, 4:56 p.m. |
| Last Update | Aug. 24, 2024, 3:35 a.m. |