Host Header Attack Vulnerability in FUEL CMS 1.5.0

Host Header Attack Vulnerability in FUEL CMS 1.5.0

CVE-2021-38290 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

A host header attack vulnerability exists in FUEL CMS 1.5.0 through fuel/modules/fuel/config/fuel_constants.php and fuel/modules/fuel/libraries/Asset.php. An attacker can use a man in the middle attack such as phishing.

Learn more about our Cms Pen Testing.