CVE-2026-43935

Description

e107 is a content management system (CMS). Prior to 2.3.4, a Host Header Injection vulnerability in the password reset page allows attackers to manipulate the Host header to generate password reset links pointing to attacker-controlled domains. This can lead to phishing attacks, account takeover, or other security risks. The severity is high, as the vulnerability affects a critical function related to user authentication. This vulnerability is fixed in 2.3.4.

CVSS v3.1 Score

8.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

EPSS — Exploit Prediction

0.0013

Probability of exploitation

0.33%

Percentile rank

EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.

Weakness Type (CWE)

CWE-20 Improper Input Validation

CWE-807 CWE-807

References

Other References

https://github.com/e107inc/e107/commit/04511f9f1d6e97c31ba7cc5bf7f1f9a19d221db6 https://github.com/e107inc/e107/commit/b0dee8234e273debbf7a8ae054de464f1008f357 https://github.com/e107inc/e107/commit/c4f9f71b0fd695545d0f09e2277b6f70ff4660fc https://github.com/e107inc/e107/security/advisories/GHSA-7pmw-jwvr-cq2x https://github.com/e107inc/e107/security/advisories/GHSA-7pmw-jwvr-cq2x

Frequently Asked Questions

What is CVE-2026-43935? +

e107 is a content management system (CMS). Prior to 2.3.4, a Host Header Injection vulnerability in the password reset page allows attackers to manipulate the Host header to generate password reset links pointing to attacker-controlled domains. This can lead to phishing attacks, account takeover, or other security risks. The severity is high, as the vulnerability affects a critical function related to user authentication. This vulnerability is fixed in 2.3.4. It has a CVSS v3.1 base score of 8.1 (HIGH).

How severe is CVE-2026-43935? +

CVE-2026-43935 has a CVSS v3.1 score of 8.1 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching. The EPSS score is 0.0013, placing it in the 0th percentile for exploitation probability.

How do I check if I'm vulnerable to CVE-2026-43935? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-13826

Zervit's portable HTTP/web server is vulnerable to remote DoS attacks when a configuration reset request is made. The vulnerability is …

CVE-2024-54011

Penetration Testing engineers at Amazon have discovered a flaw where the camera system fails to properly handle data supplied in …

CVE-2026-6409

A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured …

CVE-2026-3294

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a …

CVE-2026-42459

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate …

CVE-2026-42553

Cinny is a Matrix client. Prior to 4.10.3, A remote authenticated attacker who shares a room with a victim and …