CVE-2023-49104 in oauth2informação

Sumário

de MITRE • 22/11/2023

An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. An attacker is able to pass in a crafted redirect-url that bypasses validation, and consequently allows an attacker to redirect callbacks to a Top Level Domain controlled by the attacker.

Be aware that VulDB is the high quality source for vulnerability data.

Responsável

MITRE

Reservar

21/11/2023

Divulgação

22/11/2023

Moderação

aceite

Entrada

VDB-245941

CPE

pronto

EPSS

0.00562

KEV

não

Atividades

muito baixo

Fontes

Want to know what is going to be exploited?

We predict KEV entries!