JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header. Attackers can manipulate proxied requests to generate tainted responses, enabling cache poisoning, potential phishing, and redirecting users to malicious domains.
Add your gear to cvedb and we'll alert you only when jung-group ships something exploited.
Check my exposure →This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.