CVE-2012-2270
owncloud < 3.0.3 - Open Redirect via Login Page redirect_url Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-2270. PoCs published by Tobias Glemser.
AI-analyzed exploit summary This exploit demonstrates an open-redirection vulnerability and multiple XSS/HTML-injection flaws in ownCloud due to improper input sanitization. The PoC includes crafted URLs that trigger arbitrary script execution or redirect users to malicious sites.
Description
Open redirect vulnerability in index.php (aka the Login Page) in ownCloud before 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.
Exploits (1)
This exploit demonstrates an open-redirection vulnerability and multiple XSS/HTML-injection flaws in ownCloud due to improper input sanitization. The PoC includes crafted URLs that trigger arbitrary script execution or redirect users to malicious sites.