CVE-2013-2044
owncloud < 5.0.6 - Open Redirect via Login Page redirect_url Parameter
Title source: llmDescription
Open redirect vulnerability in the Login Page (index.php) in ownCloud before 5.0.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
http://owncloud.org/about/security/advisories/oC-SA-2013-022/
Scores
EPSS
0.0022
EPSS Percentile
45.0%
Details
CWE
CWE-20
Status
published
Products (6)
owncloud/owncloud
< 5.0.5
owncloud/owncloud_server
5.0.0
owncloud/owncloud_server
5.0.1
owncloud/owncloud_server
5.0.2
owncloud/owncloud_server
5.0.3
owncloud/owncloud_server
5.0.4
Published
Mar 14, 2014
Tracked Since
Feb 18, 2026