The vulnerability in the overwrite.config.php implementation: The $domain parameter of the web application for data synchronization with ownCloud allows attackers to perform spoofing attacks.
The vulnerability of the overwrite.config.php script, where $domain is used for the web application’s data synchronization with ownCloud, is related to configuration errors when processing the OWNCLOUDDOMAIN variable. Exploiting this vulnerability allows a malicious actor to perform spear-phishin...