A host header injection vulnerability exists within the forgot password functionality of ArrowCMS Variation 1.0.0. By sending a specifically crafted host header while in the forgot password request, it is possible to https://www.ralantech.com/mysql-database-health-check-consulting-service/