CVE-2022-40870 - Breaking Down Host Header Injection in Parallels Remote Application Server v18. Web Client
In late 2022, security researchers discovered a significant vulnerability in the web client of Parallels Remote Application Server (RAS) v18.: a Host Header Injection that