Description
The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://owncloud.org/security/advisory/?id=oc-sa-2014-025
Scores
EPSS
0.0028
EPSS Percentile
51.8%
Details
CWE
CWE-200
Status
published
Products (9)
owncloud/owncloud_server
6.0.0
owncloud/owncloud_server
6.0.1
owncloud/owncloud_server
6.0.2
owncloud/owncloud_server
6.0.3
owncloud/owncloud_server
6.0.4
owncloud/owncloud_server
6.0.5
owncloud/owncloud_server
7.0.0
owncloud/owncloud_server
7.0.1
owncloud/owncloud_server
7.0.2
Published
Feb 04, 2015
Tracked Since
Feb 18, 2026