PKSA-8467-6xvh-v57b Security Advisory
[HIGH] AzuraCast has Password Reset Poisoning via Untrusted X-Forwarded-Host Header that Leads to Account Takeover and 2FA Bypass
Identifiers: PKSA-8467-6xvh-v57b, CVE-2026-42606, GHSA-gv7r-3mr9-h5x8
Affected package: azuracast/azuracast
Affected version: <=0.23.5
Reported by: GitHub