6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
36.4%
The shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permission checks for upload only shares and list metadata about the share.
doc.owncloud.com/server/admin_manual/release_notes.html
owncloud.com/security-advisories/cve-2021-35949/