ID H1:85532
Type hackerone
Reporter dz_samir
Modified 2015-09-11T08:23:35
Description
hello i find bug with it i can edit or delete any question users
poc
link https://apps.owncloud.com/knowledgebase/editquestion.php?page=89
thanks
{"published": "2015-08-29T14:09:09", "id": "H1:85532", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [{"differentElements": ["modified"], "edition": 2, "lastseen": "2017-08-28T23:19:23", "bulletin": {"published": "2015-08-29T14:09:09", "id": "H1:85532", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "enchantments": {}, "hash": "3d21d361f389d47e539bda29e0170e43163f2a49aecfc3e3b3c235d53099b58a", "description": "hello i find bug with it i can edit or delete any question users \r\n\r\npoc \r\nlink https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 \r\n\r\n\r\nthanks ", "type": "hackerone", "bounty": 0.0, "edition": 2, "lastseen": "2017-08-28T23:19:23", "title": "ownCloud: apps.owncloud.com: Edit Question didn't check ACLs", "h1team": {"profile_picture_urls": {"medium": "https://profile-photos.hackerone-user-content.com/production/000/003/059/6af0ec24c370d0d2250fdf2ac3e937f4aab2692d_medium.png?1438786688", "small": "https://profile-photos.hackerone-user-content.com/production/000/003/059/ef3f773944541857909a6662470c5452b3f94d88_small.png?1438786688"}, "handle": "owncloud", "url": "https://hackerone.com/owncloud"}, "href": "https://hackerone.com/reports/85532", "modified": "1970-01-01T00:00:00", "bulletinFamily": "bugbounty", "viewCount": 3, "cvelist": [], "bountyState": "resolved", "h1reporter": {"hacker_mediation": false, "disabled": false, "username": "dz_samir", "is_me?": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/015/509/58cef1a11bf1f434852e334061e72bc10f97979f_small.jpg?1470702576"}, "url": "/dz_samir"}, "references": [], "reporter": "dz_samir", "hashmap": [{"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}, {"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "46be3efeb04e2c84d5d019cf8c7d4e68", "key": "published"}, {"hash": "43ae0291752992f763aef1b25fcac145", "key": "description"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "183b8c73fa7458a08302445665b229ab", "key": "href"}, {"hash": "fe3f171f649be7d45d9d11d3f5d45695", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "d4e6b596e03905c50362b5d0c6d779af", "key": "reporter"}, {"hash": "4ebadb6f9adbbf122d62f399e899d95d", "key": "h1reporter"}, {"hash": "900046be91d9d06d1416436557fb0ee7", "key": "title"}, {"hash": "1da2f4c70f5f0436479cf444cd3bad6f", "key": "h1team"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}], "objectVersion": "1.3"}}, {"differentElements": ["h1reporter"], "edition": 1, "lastseen": "2017-08-22T11:09:36", "bulletin": {"published": "2015-08-29T14:09:09", "id": "H1:85532", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "enchantments": {}, "hash": "b22f546294f1e8ed129e20add72f86b22a0eef78330c3765a8e4637391b8b498", "description": "hello i find bug with it i can edit or delete any question users \r\n\r\npoc \r\nlink https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 \r\n\r\n\r\nthanks ", "type": "hackerone", "bounty": 0.0, "edition": 1, "lastseen": "2017-08-22T11:09:36", "title": "ownCloud: apps.owncloud.com: Edit Question didn't check ACLs", "h1team": {"profile_picture_urls": {"medium": "https://profile-photos.hackerone-user-content.com/production/000/003/059/6af0ec24c370d0d2250fdf2ac3e937f4aab2692d_medium.png?1438786688", "small": "https://profile-photos.hackerone-user-content.com/production/000/003/059/ef3f773944541857909a6662470c5452b3f94d88_small.png?1438786688"}, "handle": "owncloud", "url": "https://hackerone.com/owncloud"}, "href": "https://hackerone.com/reports/85532", "modified": "1970-01-01T00:00:00", "bulletinFamily": "bugbounty", "viewCount": 3, "cvelist": [], "bountyState": "resolved", "h1reporter": {"hacker_mediation": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/015/509/58cef1a11bf1f434852e334061e72bc10f97979f_small.jpg?1470702576"}, "disabled": false, "username": "dz_samir", "url": "/dz_samir"}, "references": [], "reporter": "dz_samir", "hashmap": [{"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}, {"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "46be3efeb04e2c84d5d019cf8c7d4e68", "key": "published"}, {"hash": "43ae0291752992f763aef1b25fcac145", "key": "description"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "183b8c73fa7458a08302445665b229ab", "key": "href"}, {"hash": "fe3f171f649be7d45d9d11d3f5d45695", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "d4e6b596e03905c50362b5d0c6d779af", "key": "reporter"}, {"hash": "900046be91d9d06d1416436557fb0ee7", "key": "title"}, {"hash": "eae6da1bb3bb845f055c93b49dd401ec", "key": "h1reporter"}, {"hash": "1da2f4c70f5f0436479cf444cd3bad6f", "key": "h1team"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}], "objectVersion": "1.3"}}, {"differentElements": ["h1team", "h1reporter"], "edition": 4, "lastseen": "2018-02-07T16:58:00", "bulletin": {"published": "2015-08-29T14:09:09", "id": "H1:85532", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "enchantments": {"score": {"value": 7.5, "modified": "2018-02-07T16:58:00", "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:C/"}}, "hash": "242fa722f6703a8762a15db092d8c17b624688f7e82aa703adc3a003c302639d", "description": "hello i find bug with it i can edit or delete any question users \r\n\r\npoc \r\nlink https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 \r\n\r\n\r\nthanks ", "type": "hackerone", "bounty": 0.0, "edition": 4, "lastseen": "2018-02-07T16:58:00", "title": "ownCloud: apps.owncloud.com: Edit Question didn't check ACLs", "h1team": {"profile_picture_urls": {"medium": "https://profile-photos.hackerone-user-content.com/production/000/003/059/6af0ec24c370d0d2250fdf2ac3e937f4aab2692d_medium.png?1438786688", "small": "https://profile-photos.hackerone-user-content.com/production/000/003/059/ef3f773944541857909a6662470c5452b3f94d88_small.png?1438786688"}, "handle": "owncloud", "url": "https://hackerone.com/owncloud"}, "href": "https://hackerone.com/reports/85532", "modified": "2015-09-11T08:23:35", "bulletinFamily": "bugbounty", "viewCount": 3, "cvelist": [], "bountyState": "resolved", "h1reporter": {"hacker_mediation": false, "disabled": false, "username": "dz_samir", "is_me?": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/015/509/58cef1a11bf1f434852e334061e72bc10f97979f_small.jpg?1470702576"}, "hackerone_triager": false, "url": "/dz_samir"}, "references": [], "reporter": "dz_samir", "hashmap": [{"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}, {"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "46be3efeb04e2c84d5d019cf8c7d4e68", "key": "published"}, {"hash": "43ae0291752992f763aef1b25fcac145", "key": "description"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "aad27b31b987e62e7b4377a640fcf620", "key": "h1reporter"}, {"hash": "183b8c73fa7458a08302445665b229ab", "key": "href"}, {"hash": "689a5d2aa5eee96e4b8c416413b4a137", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "d4e6b596e03905c50362b5d0c6d779af", "key": "reporter"}, {"hash": "900046be91d9d06d1416436557fb0ee7", "key": "title"}, {"hash": "1da2f4c70f5f0436479cf444cd3bad6f", "key": "h1team"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}], "objectVersion": "1.3"}}, {"differentElements": ["h1reporter"], "edition": 3, "lastseen": "2017-08-29T13:11:25", "bulletin": {"published": "2015-08-29T14:09:09", "id": "H1:85532", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "enchantments": {"score": {"value": 6.4, "modified": "2017-08-29T13:11:25"}}, "hash": "efefc2caf89931817777e541e3b734e63fee1254112a85aebf9caf27abc4b35b", "description": "hello i find bug with it i can edit or delete any question users \r\n\r\npoc \r\nlink https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 \r\n\r\n\r\nthanks ", "type": "hackerone", "bounty": 0.0, "edition": 3, "lastseen": "2017-08-29T13:11:25", "title": "ownCloud: apps.owncloud.com: Edit Question didn't check ACLs", "h1team": {"profile_picture_urls": {"medium": "https://profile-photos.hackerone-user-content.com/production/000/003/059/6af0ec24c370d0d2250fdf2ac3e937f4aab2692d_medium.png?1438786688", "small": "https://profile-photos.hackerone-user-content.com/production/000/003/059/ef3f773944541857909a6662470c5452b3f94d88_small.png?1438786688"}, "handle": "owncloud", "url": "https://hackerone.com/owncloud"}, "href": "https://hackerone.com/reports/85532", "modified": "2015-09-11T08:23:35", "bulletinFamily": "bugbounty", "viewCount": 3, "cvelist": [], "bountyState": "resolved", "h1reporter": {"hacker_mediation": false, "disabled": false, "username": "dz_samir", "is_me?": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/015/509/58cef1a11bf1f434852e334061e72bc10f97979f_small.jpg?1470702576"}, "url": "/dz_samir"}, "references": [], "reporter": "dz_samir", "hashmap": [{"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}, {"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "46be3efeb04e2c84d5d019cf8c7d4e68", "key": "published"}, {"hash": "43ae0291752992f763aef1b25fcac145", "key": "description"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "183b8c73fa7458a08302445665b229ab", "key": "href"}, {"hash": "689a5d2aa5eee96e4b8c416413b4a137", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "d4e6b596e03905c50362b5d0c6d779af", "key": "reporter"}, {"hash": "4ebadb6f9adbbf122d62f399e899d95d", "key": "h1reporter"}, {"hash": "900046be91d9d06d1416436557fb0ee7", "key": "title"}, {"hash": "1da2f4c70f5f0436479cf444cd3bad6f", "key": "h1team"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}], "objectVersion": "1.3"}}], "description": "hello i find bug with it i can edit or delete any question users \r\n\r\npoc \r\nlink https://apps.owncloud.com/knowledgebase/editquestion.php?page=89 \r\n\r\n\r\nthanks ", "hash": "748ddbf4db6d7574f27039267507ba5f9b3f10b0456fb7a55d84c1fd197acc63", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2018-04-19T17:34:13"}, "vulnersScore": 7.5}, "type": "hackerone", "lastseen": "2018-04-19T17:34:13", "edition": 5, "bounty": 0.0, "title": "ownCloud: apps.owncloud.com: Edit Question didn't check ACLs", "h1team": {"profile_picture_urls": {"medium": "https://profile-photos.hackerone-user-content.com/000/003/059/6af0ec24c370d0d2250fdf2ac3e937f4aab2692d_medium.png?1438786688", "small": "https://profile-photos.hackerone-user-content.com/000/003/059/ef3f773944541857909a6662470c5452b3f94d88_small.png?1438786688"}, "handle": "owncloud", "url": "https://hackerone.com/owncloud"}, "href": "https://hackerone.com/reports/85532", "modified": "2015-09-11T08:23:35", "bulletinFamily": "bugbounty", "viewCount": 4, "cvelist": [], "bountyState": "resolved", "h1reporter": {"hacker_mediation": false, "disabled": false, "username": "dz_samir", "is_me?": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/015/509/58cef1a11bf1f434852e334061e72bc10f97979f_small.jpg?1470702576"}, "hackerone_triager": false, "url": "/dz_samir"}, "references": [], "reporter": "dz_samir", "hashmap": [{"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "43ae0291752992f763aef1b25fcac145", "key": "description"}, {"hash": "d76dbc900dcd7c226d08c53fab1c750b", "key": "h1reporter"}, {"hash": "b9603a89d210a00429277ce0129241ad", "key": "h1team"}, {"hash": "183b8c73fa7458a08302445665b229ab", "key": "href"}, {"hash": "689a5d2aa5eee96e4b8c416413b4a137", "key": "modified"}, {"hash": "46be3efeb04e2c84d5d019cf8c7d4e68", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "d4e6b596e03905c50362b5d0c6d779af", "key": "reporter"}, {"hash": "900046be91d9d06d1416436557fb0ee7", "key": "title"}, {"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}], "objectVersion": "1.3"}
{}