Description

The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.

Remediation

References

CVE-2013-1963

Related Vulnerabilities

WordPress Plugin CYSTEME Finder, the admin files explorer Cross-Site Request Forgery (1.4)

Joomla! Core 3.x.x Multiple Vulnerabilities (3.0.0 - 3.6.4)

MySQL CVE-2022-21265 Vulnerability (CVE-2022-21265)

WebLogic CVE-2016-5488 Vulnerability (CVE-2016-5488)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4589)

Severity

Medium

Classification

CVE-2013-1963 CWE-264

Tags

Missing Update Known Vulnerabilities