CVE-2025-61543 Blast Radius

HIGH • CVSS 7.1A Host Header Injection vulnerability exists in the password reset functionality of CraftMyCMS 4.0.2.2. The system uses `$_SERVER['HTTP_HOST']` direct…

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2025-61543.

Start Free Scan →← Back to CVE-2025-61543