Description
Asset Pipeline in ownCloud 7.x before 7.0.3 uses an MD5 hash of the absolute file paths of the original CSS and JS files as the name of the concatenated file, which allows remote attackers to obtain sensitive information via a brute force attack.
Remediation
References
Related Vulnerabilities
WordPress Plugin Google +1 by BestWebSoft Cross-Site Scripting (1.1.6)
WordPress Plugin BuddyPress Multiple Vulnerabilities (5.1.2)
Oracle JRE CVE-2024-20918 Vulnerability (CVE-2024-20918)
Drupal Other Vulnerability (CVE-2007-4063)
WordPress Plugin Social Media Widget by Acurax Cross-Site Request Forgery (3.2.5)