Name of the Vulnerable Software and Affected Versions:

heimdall version 2.6.3-ls307

Description:

The application does not properly validate user-supplied HTTP headers, specifically `X-Forwarded-Host` and `Referer`. This allows for Host Header Injection and Open Redirect attacks. An unauthenticated remote attacker can manipulate these headers to load external resources from attacker-controlled domains and redirect users, potentially enabling phishing, UI redress, and session theft. The issue is due to insufficient validation of untrusted input, impacting the application’s integrity and trustworthiness.

Recommendations:

Apply input validation and sanitization to the `X-Forwarded-Host` and `Referer` HTTP headers to prevent manipulation.