Host Header Injection Vulnerability in HCL Aftermarket EPC
CVE-2024-23577
4.3MEDIUM
What is CVE-2024-23577?
The HCL Aftermarket EPC application is susceptible to host header injection due to insufficient validation of the HOST header in HTTP requests. This flaw allows attackers to manipulate the host header, potentially leading to severe security implications such as Host header poisoning and server misconfigurations. Unvalidated input can permit malicious requests, affecting the application's integrity and availability.
Affected Version(s)
Aftermarket EPC version 1.0.0
