The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL.
CVE ID | Name | Status | References |
---|---|---|---|
CVE-2021-35947 | The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL. |
Assigned (20210629) | MISC:https://doc.owncloud.com/server/admin_manual/release_notes.html | MISC:https://owncloud.com/security-advisories/cve-2021-35947/ |
Page created: