Description
The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://owncloud.org/security/advisory/?id=oc-sa-2014-025
Scores
EPSS
0.0095
EPSS Percentile
57.0%
Details
CWE
CWE-200
Status
published
Products (9)
owncloud/owncloud_server
6.0.0
owncloud/owncloud_server
6.0.1
owncloud/owncloud_server
6.0.2
owncloud/owncloud_server
6.0.3
owncloud/owncloud_server
6.0.4
owncloud/owncloud_server
6.0.5
owncloud/owncloud_server
7.0.0
owncloud/owncloud_server
7.0.1
owncloud/owncloud_server
7.0.2
Published
Feb 04, 2015
Tracked Since
Feb 18, 2026