discoverer of CVE-2025-22381 #1
Description
Hello,
I noticed that this repository documents CVE-2025-22381 and lists different individuals as the discoverers.
I am the original discoverer of CVE-2025-22381, as officially recorded during the CVE assignment process by MITRE. The CVE ID was issued based on my vulnerability report.
I fully respect independent analysis and proof-of-concept development. However, when referencing an assigned CVE, the discoverer attribution should reflect the official record.
Additionally, I observed that parts of the PoC and technical explanation omit some important implementation details regarding how the Host header is handled in the reset flow. If helpful, I would be willing to clarify the technical specifics to ensure accuracy.
I kindly request that the discoverer attribution be corrected to reflect the official CVE record.
Thank you for your understanding.
Best regards,
Anas Abderrahman Benbarek