Description

ownCloud Server before 6.0.1 does not properly check permissions, which allows remote authenticated users to access arbitrary preview pictures via unspecified vectors.

Remediation

References

CVE-2014-3963

Related Vulnerabilities

osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-18573)

Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.8)

Oracle Application Server CVE-2009-1017 Vulnerability (CVE-2009-1017)

WordPress Other Vulnerability (CVE-2007-1244)

XWiki Incorrect Authorization Vulnerability (CVE-2023-32069)

Severity

Medium

Classification

CVE-2014-3963 CWE-264

Tags

Missing Update Known Vulnerabilities