CVE-2025-61132

7.1 HIGH
Published: October 23, 2025 Modified: October 27, 2025
View on NVD

Description

A Host Header Injection vulnerability in the password reset component in levlaz braindump v0.4.14 allows remote attackers to conduct password reset poisoning and account takeover via manipulation of the Host header when Flask's url_for(_external=True) generates reset links without a fixed SERVER_NAME.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://drive.google.com/file/d/1FmkctLdOTGMdy6GgLaTzfxemdVDeiA7J/view?usp=sharing
Source: cve@mitre.org
https://gist.github.com/BrookeYangRui/94c3bee0c2cbc1ed81a21d4448550c21
Source: cve@mitre.org
https://github.com/levlaz/braindump/blob/9640dd03f99851dbd34dd6cac98a747a4a591b01/app/auth/views.py#L131-L148
Source: cve@mitre.org
https://github.com/levlaz/braindump/blob/9640dd03f99851dbd34dd6cac98a747a4a591b01/app/templates/auth/email/reset_password.html#L1-L8
Source: cve@mitre.org
https://portswigger.net/web-security/host-header/exploiting/password-reset-poisoning
Source: cve@mitre.org

5 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.1 / 10.0
EPSS (Exploit Probability)
0.2%
37th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-620

Related CVEs

CVE-2025-69261 N/A
CVE-2025-69257 6.7
CVE-2025-69210 N/A
CVE-2025-66823 N/A
CVE-2025-50343 N/A