ID H1:85532
Type hackerone
Reporter dz_samir
Modified 2015-09-11T08:23:35
Description
hello i find bug with it i can edit or delete any question users
poc
link https://apps.owncloud.com/knowledgebase/editquestion.php?page=89
thanks
{"id": "H1:85532", "hash": "d6bf108c4d5a4842fda0ef20ac3c90a4", "type": "hackerone", "bulletinFamily": "bugbounty", "title": "ownCloud: apps.owncloud.com: Edit Question didn't check ACLs", "description": "hello i find bug with it i can edit or delete any question users \r\n\r\npoc \r\nlink https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 \r\n\r\n\r\nthanks ", "published": "2015-08-29T14:09:09", "modified": "2015-09-11T08:23:35", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://hackerone.com/reports/85532", "reporter": "dz_samir", "references": [], "cvelist": [], "lastseen": "2018-04-19T17:34:13", "history": [{"differentElements": ["modified"], "edition": 2, "lastseen": "2017-08-28T23:19:23", "bulletin": {"id": "H1:85532", "hash": "3d21d361f389d47e539bda29e0170e43163f2a49aecfc3e3b3c235d53099b58a", "type": "hackerone", "bulletinFamily": "bugbounty", "title": "ownCloud: apps.owncloud.com: Edit Question didn't check ACLs", "description": "hello i find bug with it i can edit or delete any question users \r\n\r\npoc \r\nlink https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 \r\n\r\n\r\nthanks ", "published": "2015-08-29T14:09:09", "modified": "1970-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://hackerone.com/reports/85532", "reporter": "dz_samir", "references": [], "cvelist": [], "lastseen": "2017-08-28T23:19:23", "history": [], "viewCount": 3, "enchantments": {}, "objectVersion": "1.4", "bounty": 0.0, "bountyState": "resolved", "h1team": {"profile_picture_urls": {"medium": "https://profile-photos.hackerone-user-content.com/production/000/003/059/6af0ec24c370d0d2250fdf2ac3e937f4aab2692d_medium.png?1438786688", "small": "https://profile-photos.hackerone-user-content.com/production/000/003/059/ef3f773944541857909a6662470c5452b3f94d88_small.png?1438786688"}, "handle": "owncloud", "url": "https://hackerone.com/owncloud"}, "h1reporter": {"hacker_mediation": false, "disabled": false, "username": "dz_samir", "is_me?": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/015/509/58cef1a11bf1f434852e334061e72bc10f97979f_small.jpg?1470702576"}, "url": "/dz_samir"}}}, {"differentElements": ["h1reporter"], "edition": 1, "lastseen": "2017-08-22T11:09:36", "bulletin": {"id": "H1:85532", "hash": "b22f546294f1e8ed129e20add72f86b22a0eef78330c3765a8e4637391b8b498", "type": "hackerone", "bulletinFamily": "bugbounty", "title": "ownCloud: apps.owncloud.com: Edit Question didn't check ACLs", "description": "hello i find bug with it i can edit or delete any question users \r\n\r\npoc \r\nlink https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 \r\n\r\n\r\nthanks ", "published": "2015-08-29T14:09:09", "modified": "1970-01-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://hackerone.com/reports/85532", "reporter": "dz_samir", "references": [], "cvelist": [], "lastseen": "2017-08-22T11:09:36", "history": [], "viewCount": 3, "enchantments": {}, "objectVersion": "1.4", "bounty": 0.0, "bountyState": "resolved", "h1team": {"profile_picture_urls": {"medium": "https://profile-photos.hackerone-user-content.com/production/000/003/059/6af0ec24c370d0d2250fdf2ac3e937f4aab2692d_medium.png?1438786688", "small": "https://profile-photos.hackerone-user-content.com/production/000/003/059/ef3f773944541857909a6662470c5452b3f94d88_small.png?1438786688"}, "handle": "owncloud", "url": "https://hackerone.com/owncloud"}, "h1reporter": {"hacker_mediation": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/015/509/58cef1a11bf1f434852e334061e72bc10f97979f_small.jpg?1470702576"}, "disabled": false, "username": "dz_samir", "url": "/dz_samir"}}}, {"differentElements": ["h1team", "h1reporter"], "edition": 4, "lastseen": "2018-02-07T16:58:00", "bulletin": {"id": "H1:85532", "hash": "242fa722f6703a8762a15db092d8c17b624688f7e82aa703adc3a003c302639d", "type": "hackerone", "bulletinFamily": "bugbounty", "title": "ownCloud: apps.owncloud.com: Edit Question didn't check ACLs", "description": "hello i find bug with it i can edit or delete any question users \r\n\r\npoc \r\nlink https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 \r\n\r\n\r\nthanks ", "published": "2015-08-29T14:09:09", "modified": "2015-09-11T08:23:35", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://hackerone.com/reports/85532", "reporter": "dz_samir", "references": [], "cvelist": [], "lastseen": "2018-02-07T16:58:00", "history": [], "viewCount": 3, "enchantments": {"score": {"value": 7.5, "modified": "2018-02-07T16:58:00", "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:C/"}}, "objectVersion": "1.4", "bounty": 0.0, "bountyState": "resolved", "h1team": {"profile_picture_urls": {"medium": "https://profile-photos.hackerone-user-content.com/production/000/003/059/6af0ec24c370d0d2250fdf2ac3e937f4aab2692d_medium.png?1438786688", "small": "https://profile-photos.hackerone-user-content.com/production/000/003/059/ef3f773944541857909a6662470c5452b3f94d88_small.png?1438786688"}, "handle": "owncloud", "url": "https://hackerone.com/owncloud"}, "h1reporter": {"hacker_mediation": false, "disabled": false, "username": "dz_samir", "is_me?": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/015/509/58cef1a11bf1f434852e334061e72bc10f97979f_small.jpg?1470702576"}, "hackerone_triager": false, "url": "/dz_samir"}}}, {"differentElements": ["h1reporter"], "edition": 3, "lastseen": "2017-08-29T13:11:25", "bulletin": {"id": "H1:85532", "hash": "efefc2caf89931817777e541e3b734e63fee1254112a85aebf9caf27abc4b35b", "type": "hackerone", "bulletinFamily": "bugbounty", "title": "ownCloud: apps.owncloud.com: Edit Question didn't check ACLs", "description": "hello i find bug with it i can edit or delete any question users \r\n\r\npoc \r\nlink https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 \r\n\r\n\r\nthanks ", "published": "2015-08-29T14:09:09", "modified": "2015-09-11T08:23:35", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://hackerone.com/reports/85532", "reporter": "dz_samir", "references": [], "cvelist": [], "lastseen": "2017-08-29T13:11:25", "history": [], "viewCount": 3, "enchantments": {"score": {"value": 6.4, "modified": "2017-08-29T13:11:25"}}, "objectVersion": "1.4", "bounty": 0.0, "bountyState": "resolved", "h1team": {"profile_picture_urls": {"medium": "https://profile-photos.hackerone-user-content.com/production/000/003/059/6af0ec24c370d0d2250fdf2ac3e937f4aab2692d_medium.png?1438786688", "small": "https://profile-photos.hackerone-user-content.com/production/000/003/059/ef3f773944541857909a6662470c5452b3f94d88_small.png?1438786688"}, "handle": "owncloud", "url": "https://hackerone.com/owncloud"}, "h1reporter": {"hacker_mediation": false, "disabled": false, "username": "dz_samir", "is_me?": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/015/509/58cef1a11bf1f434852e334061e72bc10f97979f_small.jpg?1470702576"}, "url": "/dz_samir"}}}], "viewCount": 4, "enchantments": {"score": {"value": 0.8, "vector": "NONE", "modified": "2018-04-19T17:34:13"}, "dependencies": {"references": [], "modified": "2018-04-19T17:34:13"}, "vulnersScore": 0.8}, "objectVersion": "1.4", "bounty": 0.0, "bountyState": "resolved", "h1team": {"profile_picture_urls": {"medium": "https://profile-photos.hackerone-user-content.com/000/003/059/6af0ec24c370d0d2250fdf2ac3e937f4aab2692d_medium.png?1438786688", "small": "https://profile-photos.hackerone-user-content.com/000/003/059/ef3f773944541857909a6662470c5452b3f94d88_small.png?1438786688"}, "handle": "owncloud", "url": "https://hackerone.com/owncloud"}, "h1reporter": {"hacker_mediation": false, "disabled": false, "username": "dz_samir", "is_me?": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/015/509/58cef1a11bf1f434852e334061e72bc10f97979f_small.jpg?1470702576"}, "hackerone_triager": false, "url": "/dz_samir"}, "_object_type": "robots.models.hackerone.HackerOneBulletin", "_object_types": ["robots.models.hackerone.HackerOneBulletin", "robots.models.base.Bulletin"]}
{}
