Description
Deleting users with certain names caused system files to be deleted. Risk is higher for systems which allow users to register themselves and have the data directory in the web root. This affects ownCloud/core versions < 10.6.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-2425 Vulnerability (CVE-2013-2425)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5491)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1135)
WordPress Plugin Google Analytics Dashboard Cross-Site Scripting (2.1.1)