{“lastseen”:””,”description”:”JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header. Attackers can manipulate proxied requests to generate tainted responses, enabling cache poisoning, potential phishing, and redirecting users to malicious domains.”,”published”:”2026-02-12T02:31:11.882Z”,”modified”:”2026-02-12T02:31:11.882Z”,”type”:”cve”,”title”:”JUNG Smart Visu Server – Improper Neutralization of HTTP Headers for Scripting Syntax”,”source”:”VulnCheck”,”references”:”https:\/\/www.zeroscience.mk\/en\/vulnerabilities\/ZSL-2026-5970.php\\nhttps:\/\/www.vulncheck.com\/advisories\/jung-smart-visu-server-improper-neutralization-of-http-headers-for-scripting-syntax”,”id”:”CVE-2026-26234″,”bulletinFamily”:””,”cwe”:[“CWE-644″],”cvelist”:null,”sourceData”:”ALBRECHT JUNG GMBH \\u0026 CO. KG JUNG Smart Visu Server 1.1.1050\\nALBRECHT JUNG GMBH \\u0026 CO. KG JUNG Smart Visu Server 1.0.905\\nALBRECHT JUNG GMBH \\u0026 CO. KG JUNG Smart Visu Server 1.0.832\\nALBRECHT JUNG GMBH \\u0026 CO. KG JUNG Smart Visu Server 1.0.830″,”sourceHref”:””,”cvss”:{“score”:8.7,”severity”:”HIGH”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:P\/VC:H\/VI:H\/VA:H\/SC:N\/SI:N\/SA:N”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”JUNG Smart Visu Server”,”version”:”1.1.1050″,”vendor”:”ALBRECHT JUNG GMBH \\u0026 CO. KG”,”ai_description”:”Request header manipulation vulnerability allowing unauthenticated attackers to override request URLs and potentially enable cache poisoning, phishing, and redirecting users to malicious domains”,”ai_severity”:”High”,”ai_vendor”:”ALBRECHT JUNG GMBH \\u0026 CO. KG”,”ai_product”:”JUNG Smart Visu Server”,”ai_version”:”1.1.1050, 1.0.905, 1.0.832, 1.0.830″,”ai_score”:8.7}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,19,12,15,13,7,11,5],"class_list":["post-40540","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-87","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n