Description

The import functionality in the bookmarks application in ownCloud server before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 does not validate CSRF tokens, which allow remote attackers to conduct CSRF attacks.

Remediation

References

CVE-2014-9041

Related Vulnerabilities

WordPress Plugin Browsealoud Crypto Mining (1.4)

WordPress Plugin Sucuri Security-Auditing, Malware Scanner and Security Hardening Cross-Site Scripting (1.7.15)

WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.18)

MySQL CVE-2012-1756 Vulnerability (CVE-2012-1756)

WordPress Plugin WordPress Robots.txt optimization (+ XML Sitemap)-Website traffic, SEO & ranking Booster Security Bypass (1.2.5.1)

Severity

Medium

Classification

CVE-2014-9041 CWE-352

Tags

Missing Update Known Vulnerabilities