CVE-2012-4392

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
7.5
HIGH
Affected
1
PROJECT

Description

index.php in ownCloud 4.0.7 does not properly validate the oc_token cookie, which allows remote attackers to bypass authentication via a crafted oc_token cookie value.

owncloud/core
owncloud/core
:cloud: ownCloud web server core (Files, DAV, etc.)
GitHubGitHub
8.79K