Password Reset Vulnerability
Password reset poisoning is a technique whereby an attacker manipulates a vulnerable website into generating a password reset link pointing to a domain under their control. This behavior can be leveraged to steal the secret tokens required to reset arbitrary users' passwords and, ultimately, compromise their accounts.
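The root cause described above, shown as an added example that is not code from this page or its references: a reset link built from client-supplied request headers beside a hardened version that builds it from server configuration. The origin `app.example.com`, the `/reset` path, the function names and the sample requests are all assumptions made up for illustration.

```python
import secrets
from urllib.parse import urlencode

# Assumed deployment values (hypothetical): the one public origin of the site
# and the Host values the application is willing to serve.
CANONICAL_ORIGIN = "https://app.example.com"
ALLOWED_HOSTS = {"app.example.com"}


class UntrustedHost(ValueError):
    """Raised when a request arrives with a Host the application does not own."""


def _header(headers: dict, name: str) -> str:
    # HTTP header names are case-insensitive.
    return {k.lower(): v for k, v in headers.items()}.get(name.lower(), "")


def reset_link_vulnerable(headers: dict, token: str) -> str:
    """Vulnerable pattern: the domain in the e-mailed link comes from the request."""
    host = _header(headers, "X-Forwarded-Host") or _header(headers, "Host")
    return f"https://{host}/reset?{urlencode({'token': token})}"


def reset_link_hardened(headers: dict, token: str) -> str:
    """Hardened pattern: reject unknown Host values, never use headers in the link."""
    host = _header(headers, "Host").strip().lower()
    if host not in ALLOWED_HOSTS:
        raise UntrustedHost(f"unexpected Host header: {host!r}")
    # X-Forwarded-Host is deliberately ignored; the origin is fixed by configuration.
    return f"{CANONICAL_ORIGIN}/reset?{urlencode({'token': token})}"


def compare(headers: dict, token: str) -> tuple:
    """Return (vulnerable_link, hardened_link_or_None) for one request."""
    try:
        hardened = reset_link_hardened(headers, token)
    except UntrustedHost:
        hardened = None  # request refused, no e-mail is sent
    return reset_link_vulnerable(headers, token), hardened


if __name__ == "__main__":
    token = secrets.token_urlsafe(32)
    # Constructed sample requests: normal, altered Host, altered X-Forwarded-Host.
    for h in ({"Host": "app.example.com"},
              {"Host": "attacker.example"},
              {"Host": "app.example.com", "X-Forwarded-Host": "attacker.example"}):
        print(h, "->", compare(h, token))
```
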
Email Header Injection on Reset Password Function
HTB
References
- https://portswigger.net/web-security/host-header/exploiting/password-reset-poisoning
- https://medium.com/@tameemkhalid786/host-header-injection-on-password-reset-functionality-an-easy-p2-5c6263c2e3d4
- https://infosecwriteups.com/password-reset-poisoning-with-host-header-injection-345b902a9ca5
- https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/17-Testing_for_Host_Header_Injection