Wei-Shaw

#27811 of 53,639
9.1 CVSS total
Vulnerabilities · 1
PT-2026-22059
9.1
2026-02-26
Sub2Api · Sub2Api · CVE-2026-27812
**Name of the Vulnerable Software and Affected Versions**

Sub2API versions prior to 0.1.85

**Description**

Sub2API is an AI API gateway platform for managing API quotas. A Password Reset Poisoning issue exists due to trust in the Host and Forwarded headers, allowing manipulation of the password reset link. Attackers can inject a domain into the password reset link, potentially leading to account takeover via the affected endpoint.

**Recommendations**

Upgrade to version 0.1.85 or later. Disable the "forgot password" feature until an upgrade to a patched version can be performed.