📦

oauth2

Vendor: owncloud

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 0 Remote Access
Total CVEs 1 Total Indexed
Avg. EPSS 0.06% Exploit Prob.
Latest CVE CVE-2023-49104 Nov 21

Security Vulnerability Index

Page 1 / 1
8.7 CVSS
CVE-2023-49104

An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. An attacker is able to pass in a crafted redirect-url that bypasses validation, and consequently allows an attacker to redirect callbacks to a Top Level Domain controlled by the attacker.

EPSS: 0.06%