CVE-2016-7965Improper Input Validation in Dokuwiki

CWE-20Improper Input Validation7 documents5 sources
Severity
6.5MEDIUMNVD
EPSS
0.4%
top 38.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
DokuwikiDebian Dokuwiki
Timeline
PublishedOct 31
Latest updateMay 17

Description

DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the baseurl setting as part of the password-reset URL. This can lead to phishing attacks. (A remote unauthenticated attacker can change the URL's hostname via the HTTP Host header.) The vulnerability can be triggered only if the Host header is not part of the web server routing process (e.g., if several domains are served by the same web server).

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

debiandebian/dokuwiki< dokuwiki 2024-02-06b+dfsg-7 (forky)
Debiandokuwiki/dokuwiki< 2024-02-06b+dfsg-7+1
NVDdokuwiki/dokuwiki2016-06-26a

🔴Vulnerability Details

2
GHSA
GHSA-v8rc-559m-rv3h: DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the baseurl setting as part of the password-reset URL2022-05-17
OSV
CVE-2016-7965: DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the baseurl setting as part of the password-reset URL2016-10-31

📋Vendor Advisories

1
Debian
CVE-2016-7965: dokuwiki - DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the baseurl s...2016

💬Community

3
Bugzilla
CVE-2016-7964 CVE-2016-7965 CVE-2017-12583 CVE-2017-12979 CVE-2017-12980 CVE-2017-18123 dokuwiki: Various flaws2016-10-31
Bugzilla
CVE-2016-7964 CVE-2016-7965 CVE-2017-12583 CVE-2017-12979 CVE-2017-12980 CVE-2017-18123 dokuwiki: Various flaws [epel-all]2016-10-31
Bugzilla
CVE-2016-7964 CVE-2016-7965 CVE-2017-12583 CVE-2017-12979 CVE-2017-12980 CVE-2017-18123 dokuwiki: Various flaws [fedora-all]2016-10-31