JobCenter Host Header Injection Vulnerability Leading to Account Takeover

Vulnerability

A vulnerability in JobCenter versions through 7e7b0b2 allows account takeover via the password reset feature. Because SERVER_NAME is not configured, the password reset process derives the host of the reset link from the HTTP Host header of the incoming request. An attacker who sends a password reset request with a manipulated Host header can cause the reset link emailed to the victim to point at a domain they control, so that the reset token is delivered to that domain when the victim follows the link.

Impact

Exploitation of this vulnerability allows for remote account takeover.

Remediation

To address this vulnerability, configure SERVER_NAME in the application settings, validate the Host header against an allow-list of hosts the application is expected to serve (rejecting anything else), and remove the '_external=True' argument from the url_for call if an absolute URL is not absolutely necessary.
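The following is an added example, not JobCenter's code and not part of the advisory. It models the Flask-style behaviour the advisory describes: url_for(..., _external=True) takes the authority of the generated URL from the request's Host header when SERVER_NAME is unset. The weak pattern and the remediated pattern (fixed server name plus Host validation) sit side by side so the difference can be exercised directly. It is standard-library only; the hostnames, the WSGI environ and the token are constructed sample values.

```python
"""
Model of the advisory's password-reset flow: how the link's host is taken
from the HTTP Host header when no SERVER_NAME is configured, and the two
defences the remediation names (a fixed SERVER_NAME plus Host validation).
Standard library only; every hostname and token below is a constructed
sample value, not data from JobCenter or the advisory.
"""
import secrets
from urllib.parse import urlunsplit

RESET_PATH = "/reset-password"  # assumed path, not taken from the advisory


class UntrustedHost(ValueError):
    """The request's Host header names a host this deployment does not serve."""


def split_host_port(raw):
    """Normalise a Host header value into (name, port).

    Lower-cases the name, strips a trailing dot, and tolerates a bracketed
    IPv6 literal such as "[::1]:8000". Anything that is not a plausible
    host[:port] raises UntrustedHost rather than being guessed at.
    """
    host = raw.strip().lower()
    if not host:
        raise UntrustedHost(raw)
    if host.startswith("["):
        end = host.find("]")
        if end == -1:
            raise UntrustedHost(raw)
        name, rest = host[: end + 1], host[end + 1 :]
        if rest and not rest.startswith(":"):
            raise UntrustedHost(raw)
        port = rest[1:]
    else:
        name, sep, port = host.rpartition(":")
        if not sep:
            name, port = host, ""
        name = name.rstrip(".")  # "example.com." is the same name as "example.com"
    if port and not port.isdigit():
        raise UntrustedHost(raw)
    if not name or any(c in name for c in " /\\@?#"):
        raise UntrustedHost(raw)
    return name, port


def validated_host(environ, allowed_hosts):
    """Return the request's host[:port] if its name is on the allow-list.

    Only Host is consulted. X-Forwarded-Host is deliberately ignored: it is
    just another client-controlled header unless proxy-aware middleware
    that trusts one specific proxy has already applied it.
    """
    raw = environ.get("HTTP_HOST") or environ.get("SERVER_NAME", "")
    name, port = split_host_port(raw)
    if name not in allowed_hosts:
        raise UntrustedHost(raw)
    return f"{name}:{port}" if port else name


def reset_link_from_host_header(environ, token):
    """The weak pattern the advisory describes.

    With no configured server name, the absolute URL is built from the
    request's own Host header, so the link's authority is whatever the
    client sent.
    """
    scheme = environ.get("wsgi.url_scheme", "http")
    authority = environ.get("HTTP_HOST") or environ["SERVER_NAME"]
    return urlunsplit((scheme, authority, RESET_PATH, f"token={token}", ""))


def reset_link(environ, token, server_name, allowed_hosts, scheme="https"):
    """The remediated pattern: fixed authority, and Host checked first.

    The Host check runs before any mail is sent, so a request carrying an
    unexpected Host is refused outright instead of producing a link.
    """
    validated_host(environ, allowed_hosts)
    return urlunsplit((scheme, server_name, RESET_PATH, f"token={token}", ""))


def demo():
    allowed = frozenset({"jobcenter.example"})  # constructed deployment host
    token = secrets.token_urlsafe(32)
    # Constructed WSGI environ for a request whose Host header was tampered with.
    environ = {"HTTP_HOST": "attacker.example", "wsgi.url_scheme": "https"}
    print("weak:  ", reset_link_from_host_header(environ, token))
    try:
        reset_link(environ, token, "jobcenter.example", allowed)
    except UntrustedHost as exc:
        print("fixed: request refused, untrusted Host:", exc)


if __name__ == "__main__":
    demo()
```

Setting SERVER_NAME alone fixes the authority of generated links; the separate Host check is what turns a tampered request into a refusal rather than a silently mis-addressed email, which is why the remediation lists both.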

Added: Jul 7, 2025, 4:56 PM
Updated: Jul 7, 2025, 4:56 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 7.3
remediation: 0.0
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.