Описание
The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL.
Ссылки
- Release NotesVendor Advisory
- Vendor Advisory
- Release NotesVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.8.0 (исключая)
cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00256
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-209
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 4 лет назад
The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL.
CVSS3: 5.3
debian
больше 4 лет назад
The public share controller in the ownCloud server before version 10.8 ...
github
больше 3 лет назад
The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL.
EPSS
Процентиль: 49%
0.00256
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-209