admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2016/CVE-2016-7903.md
0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00

18 lines
629 B
Markdown
Raw Blame History

### [CVE-2016-7903](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7903)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
Dotclear before 2.10.3, when the Host header is not part of the web server routing process, allows remote attackers to modify the password reset address link via the HTTP Host header.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/ambulong/aboutme
Reference in New Issue View Git Blame Copy Permalink