[Suggested description]
LavaLite CMS v 9.0.0 was discovered to be vulnerable to a host header injection attack.
[Vulnerability Type]
Host Header Injection
[Vendor of Product]
LavaLite
[Affected Product Code Base]
LavaLite CMS - v 9.0.0
[Discoverer]
Mohamed Magdy Abumsulim a.k.a m19o
[Reference]
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27237