Primary

Context

LDAP Tool Box Self Service Password Password Reset Vulnerability Allowing Account Takeover

Vulnerability

A password reset vulnerability has been identified in LDAP Tool Box Self Service Password version 1.5.2. This vulnerability allows attackers to manipulate HTTP Host headers during the generation of password reset tokens. By crafting malicious password reset requests, attackers can intercept tokens sent to a controlled server, potentially leading to account takeover.

Impact

Exploitation of this vulnerability allows for unauthorized interception and use of password reset tokens, facilitating account takeover.

Reproduction

To reproduce this vulnerability, send a password reset request while manipulating the HTTP Host header to point to a server under control. The application will send a password reset token to the server specified in the Host header. Once the token is received, it can be used to reset the password of the targeted account.

Added: Dec 19, 2025, 9:19 PM

Updated: Dec 19, 2025, 9:19 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

7.4

remediation

0.0

relevance

1.6

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

7.4

remediation

0.0

relevance

1.6

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

LDAP Tool Box Self Service Password Password Reset Vulnerability Allowing Account Takeover

Vulnerability

Impact

Reproduction

Affected Products

LDAP Tool Box Self Service Password

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating