Description

ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim, to access any version of any file by sending a request for a predictable ID number.

Remediation

References

CVE-2020-36252

Related Vulnerabilities

Lighttpd Other Vulnerability (CVE-2007-1870)

Oracle JRE CVE-2019-2999 Vulnerability (CVE-2019-2999)

WordPress Plugin Recommend to a friend Cross-Site Scripting (2.0.2)

WordPress Plugin Redirection for Contact Form 7 Multiple Vulnerabilities (2.3.3)

Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18624)

Severity

Medium

Classification

CVE-2020-36252 CWE-668 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities