{"id":"CVE-2026-43935","summary":"e107: Host Header Injection in e107 password reset enables phishing","details":"e107 is a content management system (CMS). Prior to 2.3.4, a Host Header Injection vulnerability in the password reset page allows attackers to manipulate the Host header to generate password reset links pointing to attacker-controlled domains. This can lead to phishing attacks, account takeover, or other security risks. The severity is high, as the vulnerability affects a critical function related to user authentication. This vulnerability is fixed in 2.3.4.","aliases":["GHSA-7pmw-jwvr-cq2x"],"modified":"2026-07-15T01:49:16.142046872Z","published":"2026-05-26T15:01:36.720Z","database_specific":{"cna_assigner":"GitHub_M","cwe_ids":["CWE-20","CWE-807"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43935.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/43xxx/CVE-2026-43935.json"},{"type":"ADVISORY","url":"https://github.com/e107inc/e107/security/advisories/GHSA-7pmw-jwvr-cq2x"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-43935"},{"type":"FIX","url":"https://github.com/e107inc/e107/commit/04511f9f1d6e97c31ba7cc5bf7f1f9a19d221db6"},{"type":"FIX","url":"https://github.com/e107inc/e107/commit/b0dee8234e273debbf7a8ae054de464f1008f357"},{"type":"FIX","url":"https://github.com/e107inc/e107/commit/c4f9f71b0fd695545d0f09e2277b6f70ff4660fc"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/e107inc/e107","events":[{"introduced":"0"},{"fixed":"04511f9f1d6e97c31ba7cc5bf7f1f9a19d221db6"},{"fixed":"b0dee8234e273debbf7a8ae054de464f1008f357"},{"fixed":"c4f9f71b0fd695545d0f09e2277b6f70ff4660fc"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"2.3.4"}],"source":["AFFECTED_FIELD","REFERENCES"]}}],"versions":["v2.3.3","v2.3.2","v2.3.1","v2.3.0","v2.3.0-rc1","v2.2.1","v2.2.0","v2.1.9","v2.1.8","v2.1.7","v2.1.6","v2.1.5","v2.1.4","v2.1.3","v2.1.2","v2.1.1","v2.0-beta1","v2.0alpha"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-43935.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}]}