PT-2023-21020 · Unknown · Lavalite Cms

M19O +1 · Published 2023-05-12 · Updated 2025-01-24 · CVE-2023-27237

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

LavaLite CMS version 9.0.0

Description

The issue is related to a host header injection attack. This type of attack involves manipulating the host header in HTTP requests to potentially bypass security controls or access unauthorized resources.

Recommendations

For LavaLite CMS version 9.0.0, as a temporary workaround, consider restricting access to the Host header in incoming requests until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
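
One way to apply the Host header restriction described above is an allowlist check that runs before the application handles the request. This is an added example, not LavaLite code or a vendor patch; the hostnames are constructed placeholders, and including it at the top of the application's front controller is an assumption about the deployment.

```php
<?php
// Added example: Host header allowlist. Hostnames are constructed placeholders.
const ALLOWED_HOSTS = ['cms.example.test', 'www.cms.example.test'];

// Reduce a Host value to a bare lowercase hostname; null if malformed.
function normalize_host(?string $raw): ?string
{
    $host = strtolower(trim((string) $raw));
    $host = preg_replace('/:\d{1,5}\z/', '', $host);   // drop optional :port
    if (substr($host, -1) === '.') {                    // drop one trailing dot
        $host = substr($host, 0, -1);
    }
    $label = '[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?';
    $valid = strlen($host) <= 253
        && preg_match("/\\A{$label}(?:\\.{$label})*\\z/", $host) === 1;
    return $valid ? $host : null;
}

// Host must be on the allowlist; X-Forwarded-Host, if sent, must be as well,
// because URL generation may use it when a proxy is trusted.
function host_is_allowed(array $server, array $allowed = ALLOWED_HOSTS): bool
{
    $values = [$server['HTTP_HOST'] ?? ''];
    if (isset($server['HTTP_X_FORWARDED_HOST'])) {
        $values = array_merge($values, explode(',', $server['HTTP_X_FORWARDED_HOST']));
    }
    foreach ($values as $value) {
        $host = normalize_host($value);
        if ($host === null || !in_array($host, $allowed, true)) {
            return false;
        }
    }
    return true;
}

if (PHP_SAPI === 'cli') {
    // Constructed sample requests, so the logic can be checked offline.
    $samples = [
        ['HTTP_HOST' => 'CMS.example.test:443'],
        ['HTTP_HOST' => 'unknown.example'],
        ['HTTP_HOST' => 'cms.example.test', 'HTTP_X_FORWARDED_HOST' => 'unknown.example'],
        ['HTTP_HOST' => 'cms.example.test<b>'],
    ];
    foreach ($samples as $s) {
        echo json_encode($s), ' => ', host_is_allowed($s) ? 'allow' : 'reject', "\n";
    }
} elseif (!host_is_allowed($_SERVER)) {
    http_response_code(400);
    exit("Bad Request\n");
}
```

Run from the command line, only the first sample is allowed. The same allowlist can also be enforced at the web server or reverse proxy, so that requests with unexpected Host values never reach PHP.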

Exploit

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-27237
GHSA-94Q4-V5G6-QP7X

Affected Products

Lavalite Cms