Description

(1) apps/calendar/appinfo/remote.php and (2) apps/contacts/appinfo/remote.php in ownCloud before 4.0.7 allows remote authenticated users to enumerate the registered users via unspecified vectors.

Remediation

References

CVE-2012-4390

Related Vulnerabilities

WordPress Plugin NextGEN Gallery-WordPress Gallery Cross-Site Scripting (2.2.10)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2060)

Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-9327)

WordPress Plugin JobSearch WP Job Board Security Bypass (1.8.1)

phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1285)

Severity

Medium

Classification

CVE-2012-4390 CWE-200

Tags

Missing Update Known Vulnerabilities