Vulners
Lucene search
ownCloud 3.0.0 Cross Site Scripting
| Reporter | Title | Published | Views | Family All 17 |
|---|---|---|---|---|
 | CVE-2012-2270 | 18 Apr 201200:00 | – | circl |
 | CVE-2012-2269 | 20 Apr 201210:00 | – | cve |
| CVE-2012-2270 | 20 Apr 201210:00 | – | cve |
 | CVE-2012-2269 | 20 Apr 201210:00 | – | cvelist |
| CVE-2012-2270 | 20 Apr 201210:00 | – | cvelist |
 | EUVD-2012-2262 | 7 Oct 202500:30 | – | euvd |
 | CVE-2012-2269 | 20 Apr 201210:55 | – | nvd |
| CVE-2012-2270 | 20 Apr 201210:55 | – | nvd |
 | ownCloud <= 3.0.0 Multiple Input Validation Vulnerabilities - Active Check | 19 Apr 201200:00 | – | openvas |
 | ownCloud 3.0.0 Cross Site Scripting | 18 Apr 201200:00 | – | packetstorm |
10
TC-SA-2012-01: Multiple web-vulnerabilities in ownCloud 3.0.0
Published: 2012/04/18
Version 1.0
Affected products:
ownCloud version 3.0.0 (others not tested)
http://owncloud.org
References:
TC-SA-2012-01 www.tele-consulting.com/advisories/TC-SA-2012-01.txt
(used for updates)
CVE-2012-2269 - XSS in ownCloud 3.0.0
CVE-2012-2270 - Open Redirect in ownCloud 3.0.0
Summary:
"ownCloud gives you easy and universal access to all of your files.
It also provides a platform to easily view, sync and share your
contacts, calendars, bookmarks and files across all your devices.
ownCloud 3 brings loads of new features and hundreds of fixes"
Vulnerable Scripts:
stored XSS:
- /apps/contacts/ajax/addcard.php (any input field)
- /apps/contacts/ajax/addproperty.php (parameter)
- /apps/contacts/ajax/createaddressbook (name)
reflected XSS:
- /files/download.php (file)
- /files/index.php (name, user, redirect_url)
open redirect after login:
- Login Page
Examples:
stored XSS:
- add a new contact and enter <script>alert("Help Me")</script> in
any field, save the contact
- add a new date in calendar with name <script>alert("Help
Me")</script>"
reflected XSS (un-authenticated):
-
http://$domain/owncloud/index.php?redirect_url=1"><script>alert("Help
Me")</script><l=" (must not be logged in)
open redirect after login:
-
http://$domain/owncloud/index.php?redirect_url=http%3a//www.boeserangreife
r.de/
Possible solutions:
- update to OwnCloud 3.0.2
Disclosure Timeline:
2012/02/01 vendor contacted via #owncloud on freenode IRC, got E-Mail
2012/02/01 vendor contacted via E-Mail
2012/02/02 vendor response
2012/04/16 asked vendor for status updates
2012/04/16 vendor status: patched with version 3.0.2
2012/04/18 public disclosure
# 0day.today [2018-04-03] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
18 Apr 2012 00:00Current
7.1High risk
Vulners AI Score7.1
EPSS0.14329