216.73.216.86

CVE-2026-45013

· Published 12/06/2026 23:16 · Modified 13/06/2026 04:17 · Author: The MITRE Corporation

Labels: CVE-2026-45013 2026-06-12CVE-2026-45013CWE-20[email protected]

Essential information

Published
12/06/2026 23:16
Modified
13/06/2026 04:17
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
8.1 HIGH (v3.1)
CISA KEV
No
CWE
CWE-20
EPSS (First)
P34.0% ?EPSS percentile: rank of this vulnerability versus all others. Higher percentile = more likely to be exploited. Learn more (score 0.00140)
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CVSS metrics

Description

ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 have a password reset flow that constructs the reset URL using `req.hostname`, which is derived directly from the attacker-controlled HTTP `Host` header when `apos.baseUrl` is not explicitly configured. An unauthenticated attacker who knows a victim's email address can send a crafted reset request that causes the application to email the victim a reset link pointing to the attacker's domain. When the victim clicks the link, the valid reset token is delivered to the attacker, enabling full account takeover. As of time of publication, no known patched versions are available.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
apostrophecms / apostrophe cpe:2.3:a:apostrophecms:apostrophe:*:4.29.0:*:*:*:*:*:*

References