Summary by National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program
Site has been remediated. X headers updated
Site has been remediated. X headers updated
When sending a request with a modified value in the X-Forwarded-Host header, the server changes the redirection destination (Location) to the injected value. This vulnerability allows attackers to redirect users to malicious sites without their knowledge.