Description
A Host Header Injection vulnerability in qdPM 9.1 may allow an attacker to spoof a particular header and redirect users to malicious websites.
Remediation
References
Related Vulnerabilities
Ruby on Rails Other Vulnerability (CVE-2013-0333)
WordPress Plugin Subscribe To Comments Reloaded Multiple Vulnerabilities (140204)
Joomla Deserialization of Untrusted Data Vulnerability (CVE-2019-11831)
osCommerce Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-18572)
WordPress Plugin Scriptless Social Sharing Cross-Site Scripting (3.2.1)