First published: Mon Oct 26 2015(Updated: )
ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x before 8.1.1 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to apps/calendar/export.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ownCloud ownCloud | =7.0.0 | |
ownCloud ownCloud | =7.0.1 | |
ownCloud ownCloud | =7.0.2 | |
ownCloud ownCloud | =7.0.3 | |
ownCloud ownCloud | =7.0.4 | |
ownCloud ownCloud | =7.0.5 | |
ownCloud ownCloud | =7.0.6 | |
ownCloud ownCloud | =7.0.7 | |
ownCloud ownCloud | =8.0.0 | |
ownCloud ownCloud | =8.0.2 | |
ownCloud ownCloud | =8.0.3 | |
ownCloud ownCloud | =8.0.4 | |
ownCloud ownCloud | =8.0.5 | |
ownCloud ownCloud | =8.1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.