Description

A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token.

Remediation

References

CVE-2017-9339

Related Vulnerabilities

Joomla! Core 3.x.x Remote File Inclusion (3.0.0 - 3.2.5)

Oracle Database Server CVE-2018-2875 Vulnerability (CVE-2018-2875)

WordPress Plugin Latest Posts by BestWebSoft Cross-Site Scripting (0.2)

WordPress Plugin wp-microblogs Cross-Site Scripting (0.4.0)

WordPress Plugin WP Popup Banners includes Backdoor [Only if downloaded via the vendor website] (1.2.3)

Severity

Medium

Classification

CVE-2017-9339 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities