Vulnerability Details CVE-2022-23079
In motor-admin versions 0.0.1 through 0.2.56 are vulnerable to host header injection in the password reset functionality where malicious actor can send fake password reset email to arbitrary victim.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.6%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2022-23079
-
cpe:2.3:a:getmotoradmin:motor_admin:0.0.1
-
cpe:2.3:a:getmotoradmin:motor_admin:0.0.2
-
cpe:2.3:a:getmotoradmin:motor_admin:0.0.3
-
cpe:2.3:a:getmotoradmin:motor_admin:0.0.4
-
cpe:2.3:a:getmotoradmin:motor_admin:0.0.5
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.16
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.17
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.18
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.19
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.21
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.23
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.24
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.25
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.26
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.31
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.33
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.35
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.38
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.49
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.51
-
cpe:2.3:a:getmotoradmin:motor_admin:0.2.56