ownCloud: CSRF in apps.owncloud.com

2015-08-24T15:36:02
ID H1:84395
Type hackerone
Reporter nait_lamine
Modified 2016-03-10T09:26:01

Description

Hello owncloud security team , I am a researcher of security, wanted to reveal a security vulnerability responsibility (CSRF ) , which is found in the website of your website (apps.owncloud.com).

this bug allow to hackers takeover of user accounts

POC : https://www.youtube.com/watch?v=6YnjPoiutfA

For more information :

https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)