CVE-2012-2270

N/A Unknown

Published: April 20, 2012 Modified: April 29, 2026

Description

Open redirect vulnerability in index.php (aka the Login Page) in ownCloud before 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/bugtraq/2012-04/0127.html

Source: cve@mitre.org

http://osvdb.org/81211

Source: cve@mitre.org

http://owncloud.org/security/advisories/CVE-2012-2270/

Source: cve@mitre.org

http://packetstormsecurity.org/files/111956/ownCloud-3.0.0-Cross-Site-Scripting.html

Source: cve@mitre.org

http://secunia.com/advisories/48850

Source: cve@mitre.org

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/08/11/1

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2012/09/02/2

Source: cve@mitre.org

http://www.securityfocus.com/bid/53145

Source: cve@mitre.org

http://www.tele-consulting.com/advisories/TC-SA-2012-01.txt

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/75029

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2012-04/0127.html