Description
index.php in ownCloud 4.0.7 does not properly validate the oc_token cookie, which allows remote attackers to bypass authentication via a crafted oc_token cookie value.
Remediation
References
Related Vulnerabilities
WordPress Plugin Comment Rating SQL Injection and Security Bypass Weakness Vulnerabilities (2.9.32)
WordPress Plugin WP Forum Server Cross-Site Scripting and SQL Injection Vulnerabilities (1.7.3)
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33324)
MediaWiki Missing Authorization Vulnerability (CVE-2019-12470)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)