Description

The default Flash Cross Domain policies in ownCloud before 5.0.15 and 6.x before 6.0.2 allows remote attackers to access user files via unspecified vectors.

Remediation

References

CVE-2014-2049

Related Vulnerabilities

WordPress Plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) SQL Injection (1.5.109)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1826)

jQuery PrettyPhoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9478)

Oracle JRE CVE-2013-5784 Vulnerability (CVE-2013-5784)

MediaWiki Other Vulnerability (CVE-2007-0788)

Severity

Medium

Classification

CVE-2014-2049 CWE-264

Tags

Missing Update Known Vulnerabilities