Security Advisory

CVE-2012-5336

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-06-04 14:00:00

Last updated 2024-08-06 21:05:47

Assigner mitre

State PUBLISHED

Description

lib/base.php in ownCloud before 4.0.8 does not properly validate the user_id session variable, which allows remote authenticated users to read arbitrary files via vectors related to WebDAV.

← Browse all CVEs View on cve.org ↗