Description

Open redirect vulnerability in index.php (aka the Login Page) in ownCloud before 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.

Remediation

References

CVE-2012-2270

Related Vulnerabilities

ReviveAdserver Other Vulnerability (CVE-2016-9471)

PHP Other Vulnerability (CVE-2012-3450)

osTicket Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-15580)

Serendipity Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1916)

WordPress Plugin Relevanssi-A Better Search SQL Injection (3.6.0)

Severity

Medium

Classification

CVE-2012-2270 CWE-20

Tags

Missing Update Known Vulnerabilities