XSS via Host Header injection and Steal Password Reset Token of another user
No issues in this repository yet.