CVE-2023-49104
CVSS Score
8.7
EPSS Score
0.0%
EPSS Percentile
0th
An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. An attacker is able to pass in a crafted redirect-url that bypasses validation, and consequently allows an attacker to redirect callbacks to a Top Level Domain controlled by the attacker.
| Vendor | n/a |
| Product | n/a |
| Published | Nov 21, 2023 |
| Last Updated | Sep 4, 2024 |
Stay Ahead of the Next One
Get instant alerts for n/a n/a
Be the first to know when new high vulnerabilities affecting n/a n/a are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AC:H/AV:N/A:N/C:H/I:H/PR:N/S:C/UI:N Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None
Affected Versions
n/a / n/a
n/a