CVE-2016-7965

Name of the Vulnerable Software and Affected Versions DokuWiki versions 2016-06-26a and older

Description The issue allows a remote unauthenticated attacker to change the hostname in the password-reset URL via the HTTP Host header, potentially leading to phishing attacks. This can be triggered if the Host header is not part of the web server routing process, such as when multiple domains are served by the same web server.

Recommendations For DokuWiki versions 2016-06-26a and older, consider updating to a version that uses the baseurl setting instead of $ SERVER['HTTP HOST'] for the password-reset URL. As a temporary workaround, ensure that the Host header is part of the web server routing process to prevent exploitation. Restrict access to the password-reset functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.