CVE-2016-7965

Source
https://cve.org/CVERecord?id=CVE-2016-7965
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7965.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-7965
Downstream
Published
2016-10-31T10:59:01.847Z
Modified
2026-04-10T03:53:33.809544Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Summary
[none]
Details

DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the baseurl setting as part of the password-reset URL. This can lead to phishing attacks. (A remote unauthenticated attacker can change the URL's hostname via the HTTP Host header.) The vulnerability can be triggered only if the Host header is not part of the web server routing process (e.g., if several domains are served by the same web server).

References

Affected packages

Git / github.com/splitbrain/dokuwiki

Affected ranges

Type
GIT
Repo
https://github.com/splitbrain/dokuwiki
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2016-06-26a"
        }
    ]
}

Affected versions

Other
release-2005-07-01
release-2005-07-13
release-2005-09-19
release-2005-09-22
release-2006-03-05
release-2006-03-09
release-2006-09-28rc
release-2006-10-08rc
release-2006-10-19rc
release-2006-11-06
release-2007-05-24rc
release-2007-06-26
release-2008-03-31rc
release-2008-04-11rc
release-2008-05-04
release-2008-05-05
release-2009-01-26rc
release-2009-01-30rc
release-2009-02-06rc
release-2009-02-14
release-2009-12-02rc
release-2009-12-25
release-2010-10-07rc
release-2010-10-27rc
release-2010-11-07
release-2010-11-07a
release-2010-11-07b
release-2013-12-08a
release-2014-05-05b
release-2014_05_05c
release-2014_05_05d
release-2014_05_05e
release-2016-06-26b
release-2016-06-26c
release-2016-06-26d
release-2016-06-26e

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7965.json"