CVE-2025-43932

Published July 7th, 2025

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

JobCenter through 7e7b0b2 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header.

guomaoqiu/JobCenter

⌚️让添加执行计划任务变得更加优雅~ Flask-Apscheduler Job Center🌹

GitHub

232