CVE-2015-6670
CVE-2015-6670
ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x before 8.1.1 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to apps/calendar/export.php.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →