B3NCLOUD ARTICLE INTELLIGENCE

ARTICLEVIEW

Zurück zu News
cvefeed.io
RISK: Mittel (3.1)

CVE-2026-50635 - LimeSurvey Password Reset Host Header Injection Discloses Reset Token

CVE ID :CVE-2026-50635 Published : June 9, 2026, 6:17 p.m. | 58 minutes ago Description :LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in the...

#Sicherheitslücke
Original-Artikel öffnen Zurück zur Übersicht

VERWANDTEARTIKEL

[Unknown] CVE-2026-8863 – Multiple version of UEFI SHIM bootloaders are vulnerable to SecureBoot bypass t...

2026-06-09 Mittel

[Medium] CVE-2026-40639 – Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. A...

2026-06-09 Mittel

[Unknown] CVE-2026-36823 – Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to conta...

2026-06-09 Mittel

[Unknown] CVE-2026-39169 – SEMCMS 5.0 is vulnerable to unauthorized access in SEMCMS_copy.php.

2026-06-09 Mittel

[Unknown] CVE-2026-39170 – SemCms 5.0 is vulnerable to Cross Site Request Forgery (CSRF) via crafted POST r...

2026-06-09 Mittel

[Unknown] CVE-2026-36817 – Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to cont...

2026-06-09 Mittel