Description

SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

Remediation

References

CVE-2014-2055

Related Vulnerabilities

Oracle Database Server CVE-2014-6578 Vulnerability (CVE-2014-6578)

WordPress Plugin All-in-One WP Migration Cross-Site Scripting (6.45)

Nginx Out-of-bounds Write Vulnerability (CVE-2022-41741)

WordPress Plugin Easy PayPal Events Cross-Site Scripting (1.1.1)

WordPress Plugin WordPress Contact Forms by Cimatti Cross-Site Scripting (1.4.11)

Severity

High

Classification

CVE-2014-2055

Tags

Missing Update Known Vulnerabilities