Platform: ownCloud Server
- Risk: Low
- CVSS v3 Base Score: 3.1
- CVSS v3 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
- CWE ID: 284
- CWE Name: Improper Access Control
It was possible to access the preview-image of a password-protected public-link. The severity of the issue is
reduced to low because the attacker needs to know the public-link hash and the original filename of the image.
– owncloud/core < v10.4
Applied access-control to preview-images.
Alessandro Groppo – Hacktive Security s.r.l.
Your secure file platform
Boost your productivity and enable collaboration within your organization.
The backbone of secure file sharing
Our software as a service solution. Hosted securely in Germany.
Ready in a glimpse.
Download Mobile Apps
Bring your productivity game to the next level. Download our Android or iOS app from the app stores.