Description

An issue was discovered in ownCloud before 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (aka Blind SSRF) or conduct a Denial Of Service attack.

Remediation

References

CVE-2020-10252

Related Vulnerabilities

WordPress Plugin Users Ultra SQL Injection (1.3.58)

PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-10159)

WordPress Plugin Fast Secure Contact Form-Clockwork SMS Cross-Site Scripting (2.1.2)

WordPress Plugin White Label CMS PHP Object Injection (2.4)

WordPress Plugin Slimstat Analytics Cross-Site Scripting (3.5.5)

Severity

High

Classification

CVE-2020-10252 CWE-918 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

Tags

Missing Update Known Vulnerabilities