CVE-2015-6670
N/A
N/A
Summary
ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x before 8.1.1 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to apps/calendar/export.php.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.debian.org/security/2015/dsa-3373
- https://owncloud.org/security/advisory/?id=oc-sa-2015-015
References
- http://www.debian.org/security/2015/dsa-3373
- https://owncloud.org/security/advisory/?id=oc-sa-2015-015
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.