GitHub

Potential Host Header Injection / Open Redirect in Password Reset Flow

There appears to be a Host Header injection vulnerability in the password reset feature of the VigyBag application. An attacker could potentially craft a malicious password reset link that uses an ...