← volver
CVE-2015-6670

CVE-2015-6670

EPSS 1.4%
ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x before 8.1.1 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to apps/calendar/export.php.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://owncloud.org/security/advisory/?id=oc-sa-2015-015http://www.debian.org/security/2015/dsa-3373