Description
Nextcloud Server before 9.0.52 and ownCloud Server before 9.0.4 do not properly verify restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud did not check whether a user had only read-only access to a share, so a user with read-only access was able to restore old versions.
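The flaw pattern described above, shown as a simplified model next to a corrected check. This is an added example, not Nextcloud or ownCloud code: the `SharedFile` class and both function names are hypothetical, the permission bit values mirror `OCP\Constants`, and it assumes a restore should require update permission on the share.

```php
<?php
declare(strict_types=1);

// Permission bits with the same values as OCP\Constants in Nextcloud/ownCloud.
const PERMISSION_READ   = 1;
const PERMISSION_UPDATE = 2;

// Hypothetical, simplified model of a shared file with a version history.
final class SharedFile
{
    /** @param array<int,string> $versions older contents keyed by version id */
    public function __construct(
        public string $content,
        public array $versions,
        public int $sharePermissions
    ) {}
}

// Flawed pattern: the restore path only confirms the share is readable.
function restoreVersionUnchecked(SharedFile $f, int $versionId): bool
{
    if (($f->sharePermissions & PERMISSION_READ) === 0 || !isset($f->versions[$versionId])) {
        return false;
    }
    $f->content = $f->versions[$versionId]; // state change with read-only rights
    return true;
}

// Corrected pattern: a restore overwrites the file, so it is authorized as a write.
function restoreVersion(SharedFile $f, int $versionId): bool
{
    $required = PERMISSION_READ | PERMISSION_UPDATE;
    if (($f->sharePermissions & $required) !== $required || !isset($f->versions[$versionId])) {
        return false;
    }
    $f->content = $f->versions[$versionId];
    return true;
}

// Constructed sample: a read-only share that holds one older version.
$readOnly = new SharedFile('current text', [1 => 'old text'], PERMISSION_READ);

// The corrected check is called first, while the content is still untouched.
var_dump(restoreVersion($readOnly, 1), $readOnly->content);
// The flawed check is called second and shows the read-only user changing the file.
var_dump(restoreVersionUnchecked($readOnly, 1), $readOnly->content);
```

The same comparison works as a regression test: any endpoint that changes file state should be exercised with a read-only share and expected to refuse.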
Remediation
References
Related Vulnerabilities
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5900)
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28735)
Artifactory Missing Authorization Vulnerability (CVE-2019-10323)
WordPress Plugin Ultimate Maps by Supsystic Cross-Site Scripting (1.2.4)
Drupal Incorrect Default Permissions Vulnerability (CVE-2020-13667)