Vulnerability Details : CVE-2016-7965
DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the baseurl setting as part of the password-reset URL. This can lead to phishing attacks. (A remote unauthenticated attacker can change the URL's hostname via the HTTP Host header.) The vulnerability can be triggered only if the Host header is not part of the web server routing process (e.g., if several domains are served by the same web server).
Vulnerability category: Input validation
Products affected by CVE-2016-7965
- cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-7965
0.27%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 68 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-7965
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
2.8
|
3.6
|
NIST |
CWE ids for CVE-2016-7965
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-7965
-
http://www.securityfocus.com/bid/94237
DokuWiki CVE-2016-7965 Host Address Spoofing Vulnerability
-
https://github.com/splitbrain/dokuwiki/issues/1709
Password Reset Address Spoof Vulnerability in DokuWiki · Issue #1709 · splitbrain/dokuwiki · GitHubExploit;Vendor Advisory
Jump to