Description

Cross-site request forgery (CSRF) vulnerability in ownCloud before 3.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences via vectors involving contacts.

Remediation

References

CVE-2012-2397

Related Vulnerabilities

WordPress Plugin Flat Preloader Cross-Site Request Forgery (1.5.3)

XOOPS CVE-2009-3963 Vulnerability (CVE-2009-3963)

Squid NULL Pointer Dereference Vulnerability (CVE-2018-1000027)

Jboss EAP Configuration Vulnerability (CVE-2013-4128)

ownCloud Other Vulnerability (CVE-2013-1851)

Severity

Medium

Classification

CVE-2012-2397 CWE-352

Tags

Missing Update Known Vulnerabilities