Description
(1) apps/calendar/appinfo/remote.php and (2) apps/contacts/appinfo/remote.php in ownCloud before 4.0.7 allows remote authenticated users to enumerate the registered users via unspecified vectors.
Remediation
References
Related Vulnerabilities
Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-43293)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2356)
WordPress Plugin WebLibrarian SQL Injection (3.5.4)
Oracle Database Server CVE-2014-6544 Vulnerability (CVE-2014-6544)
WordPress Plugin Live Product Editor for WooCommerce Security Bypass (4.6.2)