Description
ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not properly check permissions, which allows remote authenticated users to read the names of files of other users by leveraging access to multiple accounts.
Remediation
References
Related Vulnerabilities
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15080)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-15110)
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336)
WordPress Plugin WP Photo Album Plus Cross-Site Scripting (6.1.2)