Description
ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vectors.
Remediation
References
Related Vulnerabilities
MySQL CVE-2016-8290 Vulnerability (CVE-2016-8290)
Oracle JRE Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-21011)
Oracle JRE CVE-2013-0444 Vulnerability (CVE-2013-0444)
Handlebars Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20922)
WordPress Plugin WooCommerce Help Scout Arbitrary File Upload (2.9)