all InfoSec news
CVE-2023–24044:Host Header Injection on the Login page of Plesk Obsidian
April 10, 2023, 10:20 a.m. | ASWIN K V
System Weakness - Medium systemweakness.com
Host header injection issue on the login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites.
During testing, it was determined that the Plesk Obsidian Login page is vulnerable to Host Header Injection attacks.
An attacker can utilise the Host request header to reroute customers to a malicious website rather than the official Plesk login page.
This vulnerability may be used to steal user credentials or to infect the victim’s machine with …
bug bounty cve cybersecurity hacking header host injection login obsidian programming web3
More from systemweakness.com / System Weakness - Medium
OSI Model & TCP/IP Comparison
16 hours ago |
systemweakness.com
Clocky | TryHackMe Write-up
2 days, 11 hours ago |
systemweakness.com
Tuesday Morning Threat Report: Apr 30, 2024
2 days, 11 hours ago |
systemweakness.com
Jobs in InfoSec / Cybersecurity
Security Specialist
@ Nestlé | St. Louis, MO, US, 63164
Cybersecurity Analyst
@ Dana Incorporated | Pune, MH, IN, 411057
Sr. Application Security Engineer
@ CyberCube | United States
Linux DevSecOps Administrator (Remote)
@ Accenture Federal Services | Arlington, VA
Cyber Security Intern or Co-op
@ Langan | Parsippany, NJ, US, 07054-2172
Security Advocate - Application Security
@ Datadog | New York, USA, Remote