← LibraryTechnique entry
W-HOST-HEADER-INJImpact
Host Header Injection (Password Reset Poisoning)
App generates password-reset link from request Host header — attacker reset link points at attacker domain.
§ Where this technique fits
W-HOST-HEADER-INJ is catalogued under the Impact tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.