Dotclear - Dotclear CVE

Filtered by vendor Dotclear Subscribe

Filtered by product Dotclear

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-7903	1 Dotclear	1 Dotclear	2017-01-07	4.3 MEDIUM	3.7 LOW
Dotclear before 2.10.3, when the Host header is not part of the web server routing process, allows remote attackers to modify the password reset address link via the HTTP Host header.

Vulnerabilities (CVE)