Published: 20/04/2012 Updated: 04/01/2018

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 585

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Open redirect vulnerability in index.php (aka the Login Page) in ownCloud prior to 3.0.3 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
owncloud owncloud
owncloud owncloud 3.0.0
owncloud owncloud 3.0.1

source: wwwsecurityfocuscom/bid/53145/info ownCloud is prone to a URI open-redirection vulnerability, multiple cross-site scripting vulnerabilities and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input An attacker could leverage the cross-site scripting issues to execute arbitrary script c ...

ownCloud version 300 suffers from cross site scripting and open redirection vulnerabilities ...

CWE-20 http://www.tele-consulting.com/advisories/TC-SA-2012-01.txt http://secunia.com/advisories/48850 http://www.openwall.com/lists/oss-security/2012/09/02/2 http://owncloud.org/security/advisories/CVE-2012-2270/http://www.openwall.com/lists/oss-security/2012/08/11/1 https://exchange.xforce.ibmcloud.com/vulnerabilities/75029 http://www.securityfocus.com/bid/53145 http://packetstormsecurity.org/files/111956/ownCloud-3.0.0-Cross-Site-Scripting.html http://osvdb.org/81211 http://archives.neohapsis.com/archives/bugtraq/2012-04/0127.html https://nvd.nist.gov https://www.exploit-db.com/exploits/37094/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2270

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect