{"vulnerability": "GHSA-PHFX-X4Q3-W99V", "sightings": [{"uuid": "f68d1f08-9aac-497c-80b2-b69da6d59194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-PHFX-X4Q3-W99V", "type": "seen", "source": "https://t.me/arpsyndicate/798", "content": "#ExploitObserverAlert\n\nGHSA-phfx-x4q3-w99v\n\nDESCRIPTION: Exploit Observer has 1 entries related to GHSA-PHFX-X4Q3-W99V. An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. An attacker is able to pass in a crafted redirect-url that bypasses validation, and consequently allows an attacker to redirect callbacks to a Top Level Domain controlled by the attacker.\n\nGHSS: 8.7", "creation_timestamp": "2023-11-30T08:14:29.000000Z"}]}