CVE-2021-45226

An issue was discovered in COINS Construction Cloud 11.12. Due to improper validation of user-controlled HTTP headers, attackers can cause it to send password-reset e-mails pointing to arbitrary websites.
Configurations

Configuration 1

cpe:2.3:a:coins-global:construction_cloud:11.12:*:*:*:*:*:*:*

Information

Published : 2022-01-24 08:15

Updated : 2022-07-12 05:42


NVD link : CVE-2021-45226

Mitre link : CVE-2021-45226

Products Affected
No products.
CWE
CWE-116

Improper Encoding or Escaping of Output