[HIGH] Host header injection in the password reset

PKSA-gcg7-gh1f-cfth CVE-2024-23648 GHSA-mrqg-mwh7-q94j

Affected package: pimcore/admin-ui-classic-bundle

Affected version: <1.2.3

Reported by:
GitHub