Description

An issue was discovered in ownCloud before 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (aka Blind SSRF) or conduct a Denial Of Service attack.

Remediation

References

CVE-2020-10252

Related Vulnerabilities

WordPress Plugin ClickDesk Live Support-Live Chat-Help Desk Cross-Site Scripting (4.2)

XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-37911)

WordPress Plugin Convert Plus Security Bypass (3.4.2)

Moodle Other Vulnerability (CVE-2004-1425)

MySQL CVE-2017-3468 Vulnerability (CVE-2017-3468)

Severity

High

Classification

CVE-2020-10252 CWE-918 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

Tags

Missing Update Known Vulnerabilities