Description

ownCloud server before 8.2.6 and 9.x before 9.0.3, when the gallery app is enabled, allows remote attackers to download arbitrary images via a direct request.

Remediation

References

CVE-2016-5876

Related Vulnerabilities

WordPress Plugin WP Booking Cross-Site Scripting (1.4)

Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2023-3128)

Apache Traffic Server Uncontrolled Resource Consumption Vulnerability (CVE-2019-9512)

WordPress 'get_edit_post_link()' and 'get_edit_comment_link()' Multiple Eavesdropping Vulnerabilities (0.6.2 - 2.6)

MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2016-6664)

Severity

Medium

Classification

CVE-2016-5876 CWE-264 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities