Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Dotclear Permissions Privileges and Access Controls Vulnerability - CVE-2016-7903 - Vulnerability Database
Dotclear

Dotclear Permissions Privileges and Access Controls Vulnerability - CVE-2016-7903

Low
Reference: CVE-2016-7903
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-7903
Title: Dotclear Permissions Privileges and Access Controls Vulnerability
Overview:

Dotclear before 2.10.3 when the Host header is not part of the web server routing process allows remote attackers to modify the password reset address link via the HTTP Host header.