CVE-2014-3836CVE-2014-3836

Affected configuration(s):

cpe:/a:owncloud:owncloud:6.0.0
cpe:/a:owncloud:owncloud:6.0.1
cpe:/a:owncloud:owncloud:6.0.2

Date published: 2014-06-04T10:55:04.763-04:00

Date last modified: 2014-06-05T13:38:45.983-04:00

CVSS Score: 6.8

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://owncloud.org/about/security/advisories/oc-sa-2014-014/

Summary: Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud Server before 6.0.3 allow remote attackers to hijack the authentication of users for requests that (1) conduct cross-site scripting (XSS) attacks, (2) modify files, or (3) rename files via unspecified vectors.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *