Cross-site request forgery (CSRF) vulnerability in apps/calendar/ajax/settings/settimezone in ownCloud before 4.0.12 allows remote attackers to hijack the authentication of users for requests that change the timezone via the timezone parameter.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Owncloud |
|
Configuration 1 [-]
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2013-0321 | Cross-site request forgery (CSRF) vulnerability in apps/calendar/ajax/settings/settimezone in ownCloud before 4.0.12 allows remote attackers to hijack the authentication of users for requests that change the timezone via the timezone parameter. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Mon, 31 Mar 2025 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Owncloud owncloud Server
|
|
| CPEs | cpe:2.3:a:owncloud:owncloud:3.0.1:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:3.0.2:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:3.0.3:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.0:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.10:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.7:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.8:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud:4.0.9:*:*:*:*:*:*:* |
cpe:2.3:a:owncloud:owncloud_server:3.0.0:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:3.0.1:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:3.0.2:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:3.0.3:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.0:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.10:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.7:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.8:*:*:*:*:*:*:* cpe:2.3:a:owncloud:owncloud_server:4.0.9:*:*:*:*:*:*:* |
| Vendors & Products |
Owncloud owncloud Server
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T14:18:09.838Z
Reserved: 2012-12-06T00:00:00
Link: CVE-2013-0301
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2014-03-14T17:55:06.983
Modified: 2025-04-12T10:46:40.837
Link: CVE-2013-0301
Redhat
No data.
OpenCVE Enrichment
No data.