Description

The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.

Remediation

References

CVE-2013-1963

Related Vulnerabilities

MySQL CVE-2017-10384 Vulnerability (CVE-2017-10384)

WordPress Plugin Flexible Custom Post Type Cross-Site Scripting (0.1.5)

Jenkins CVE-2013-0329 Vulnerability (CVE-2013-0329)

WordPress Plugin WP Yelp Review Slider SQL Injection (7.0)

WordPress Plugin Nofollow for external link Multiple Unspecified Vulnerabilities (1.1.2)

Severity

Medium

Classification

CVE-2013-1963 CWE-264

Tags

Missing Update Known Vulnerabilities