Description
The CSRF (Cross Site Request Forgery) token check was improperly implemented on cookie authenticated requests against some ocs API endpoints. This affects ownCloud/core version < 10.6.
Remediation
References
Related Vulnerabilities
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15005)
Oracle JRE CVE-2014-0452 Vulnerability (CVE-2014-0452)
WordPress Plugin Opening Hours Cross-Site Scripting (2.3.0)
Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2020-26185)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-16335)