Description
The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trusted_domains config useless. This could be abused to spoof the URL in password-reset e-mail messages.
Remediation
References
Related Vulnerabilities
ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-8143)
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849)
WordPress Plugin ToolBar to Share Cross-Site Request Forgery (2.0)
MySQL CVE-2021-2088 Vulnerability (CVE-2021-2088)
Opencart Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3990)