Description
The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method.
Remediation
References
Related Vulnerabilities
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2018-20346)
Rukovoditel Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-20166)
PHP POST file upload buffer overflow vulnerabilities
WordPress Plugin Product Limited Time Availability Date for woocommerce Cross-Site Scripting (1.0.1)