VDB
CVE-2012-2270
CVE-2012-2270
PUBLISHED
CVSS 5.800000190734863 MEDIUM
Open redirect vulnerability in index.php (aka the Login Page) in ownCloud before 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.
EPSS 14.33% · 94.5th percentile
Risk Scores
CVSS 2.0
5.800000190734863
EPSS Score
14.33%
94.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| owncloud | owncloud_server | 3.0.1, 3.0.0 |
| owncloud | owncloud | 0 |
| n/a | n/a | n/a |
Timeline
- Apr 18, 2012 PoC Published
- Apr 20, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 15, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 48850 third-party-advisory
- http://owncloud.org/security/advisories/CVE-2012-2270/ url
- http://www.tele-consulting.com/advisories/TC-SA-2012-01.txt url
- [oss-security] 20120810 ownCloud - matching CVEs to fix information and vice versa mailing-list
- 20120418 TC-SA-2012-01: Multiple web-vulnerabilities in ownCloud 3.0.0 mailing-list
- [oss-security] 20120901 Re: CVE - ownCloud mailing-list
- 53145 vdb
- http://packetstormsecurity.org/files/111956/ownCloud-3.0.0-Cross-Site-Scripting.html url
- owncloud-index-open-redirect(75029) vdb
- 81211 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2012-2270 advisory
- http://owncloud.org/security/advisories/CVE-2012-2270 url