Skip to content

Instantly share code, notes, and snippets.

TJetnipat / CVE-2023-24044
Last active April 18, 2023 10:27
A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a HTTP "Host" request header.
View CVE-2023-24044
Vulnerability: Host Header Injection
Product: Plesk Obsidian
Version: 18.0.49 and below
Burp Suite
Mozilla Firefox (as a browser)