Description
Cross-site request forgery (CSRF) vulnerability in apps/calendar/ajax/settings/settimezone in ownCloud before 4.0.12 allows remote attackers to hijack the authentication of users for requests that change the timezone via the timezone parameter.
Remediation
References
Related Vulnerabilities
WebLogic Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180)
PHP Numeric Errors Vulnerability (CVE-2016-1904)
WordPress Plugin Extensive VC Addons for WPBakery page builder Local File Inclusion (1.9)
GlassFish CVE-2016-5519 Vulnerability (CVE-2016-5519)
WordPress Plugin Simple Admin Language Change Security Bypass (2.0.1)