CVE-2015-6670
Published: 26 October 2015
ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x before 8.1.1 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to apps/calendar/export.php.
Notes
Author | Note |
---|---|
mdeslaur | owncloud packages in Ubuntu are now empty |