[MEDIUM] LavaLite CMS vulnerable to host header injection attack

PKSA-g6vf-n3m4-m9qn CVE-2023-27237 GHSA-94q4-v5g6-qp7x

Affected package: lavalite/cms

Affected version: <=9.0.0

Reported by:
GitHub