An issue was discovered in ownCloud before 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (aka Blind SSRF) or conduct a Denial Of Service attack.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:HOwncloud
APPOwncloud< 10.4.0
Powiązane podatności
A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the...
Deleting users with certain names caused system files to be deleted. Risk is higher for systems which allow us...
Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to re...
The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an...
ownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or Transfer.