CVE-2025-61536

Overview

FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset (magic) links using the untrusted `req.headers.host` header and forces the `http://` scheme. An attacker who can control the `Host` header (or exploit a misconfigured proxy/load-balancer that forwards the header unchanged) can cause re...

Critical

Low

Medium

No items found.

Package:

Impact:

Fix:

Year:

CVSS:

Severity:

CVE-2025-61536

Overview

Affected Components

Location

Stop the waste.
Protect your environment with Kodem.

CVE-2025-61536

Overview

Affected Components

Location

Stop the waste.Protect your environment with Kodem.

Stop the waste.
Protect your environment with Kodem.