Description

Open redirect vulnerability in the Login Page (index.php) in ownCloud before 5.0.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.

Remediation

References

CVE-2013-2044

Related Vulnerabilities

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2244)

PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23181)

WordPress Other Vulnerability (CVE-2013-0235)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-8994)

RubyGems Cryptographic Issues Vulnerability (CVE-2013-4363)

Severity

Medium

Classification

CVE-2013-2044 CWE-20

Tags

Missing Update Known Vulnerabilities