CVE-2012-4391

Published September 5th, 2012

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

Cross-site request forgery (CSRF) vulnerability in core/ajax/appconfig.php in ownCloud before 4.0.7 allows remote attackers to hijack the authentication of administrators for requests that edit the app configurations.

owncloud/core

:cloud: ownCloud web server core (Files, DAV, etc.)

GitHub

8.79K