Caido

1 CVEs product

Monthly

CVE-2026-24853 HIGH This Week

In Caido versions prior to 0.55.0, the domain whitelist restriction can be bypassed with a crafted X-Forwarded-Host header, allowing unauthenticated remote attackers to reach non-whitelisted domains through port 8080. This vulnerability affects all users of the web security auditing toolkit and could enable attackers to exfiltrate data or attack internal systems. No patch is currently available for affected versions.

Authentication Bypass Caido
NVD GitHub
CVSS 3.1: 8.1
EPSS: 0.1%