ownCloud Server before 10.3.0 allows an attacker, who has received non-administrative access to a group share, to remove everyone else's access to that share.
Published February 19, 2021.
Owncloud Owncloud
