CVE-2021-38290

Published August 9th, 2021

View on NVD ↗

CVSS v3

8.1

HIGH

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

A host header attack vulnerability exists in FUEL CMS 1.5.0 through fuel/modules/fuel/config/fuel_constants.php and fuel/modules/fuel/libraries/Asset.php. An attacker can use a man in the middle attack such as phishing.

daylightstudio/FUEL-CMS

A CodeIgniter Content Management System

GitHub

1.02K