Because the ownership of a calendar is not properly checked, an authenticated attacker is able to download calendars of other users via the “calendar_id” GET parameter to /apps/calendar/ajax/events.php.
Note: Successful exploitation of this privilege escalation requires the “calendar” app to be enabled (enabled by default).
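The missing check, shown as an added example that is not ownCloud's code or its patch: a handler that trusts the calendar id from the query string, next to one that validates the id and compares the calendar's owner with the session user. The function names, the in-memory store and the users are hypothetical, and owner-only access is assumed.

```php
<?php
// Added illustration, not ownCloud source. All names and data are hypothetical.

// Constructed store: calendar id => owner and events.
$calendars = [
    1 => ['owner' => 'alice', 'events' => ['Board meeting']],
    2 => ['owner' => 'bob',   'events' => ['Dentist']],
];

// Flawed pattern: the caller is authenticated, but calendar_id is trusted as-is.
function eventsUnchecked(array $calendars, string $sessionUser, array $query): array
{
    $id = (int) ($query['calendar_id'] ?? 0);
    if (!array_key_exists($id, $calendars)) {
        return ['status' => 404, 'events' => []];
    }
    return ['status' => 200, 'events' => $calendars[$id]['events']];
}

// Corrected pattern: validate the id, then require that the session user owns it.
// Assumption: owner-only access; an app with sharing would also check share grants.
function eventsOwnerChecked(array $calendars, string $sessionUser, array $query): array
{
    $id = filter_var($query['calendar_id'] ?? null, FILTER_VALIDATE_INT);
    if ($id === false || !array_key_exists($id, $calendars)) {
        return ['status' => 404, 'events' => []];
    }
    if ($calendars[$id]['owner'] !== $sessionUser) {
        // Same answer as "not found", so the response does not confirm which ids exist.
        return ['status' => 404, 'events' => []];
    }
    return ['status' => 200, 'events' => $calendars[$id]['events']];
}

// Constructed requests: bob asks for alice's calendar (id 1), then for his own (id 2).
$requests = [['bob', ['calendar_id' => '1']], ['bob', ['calendar_id' => '2']]];
foreach ($requests as [$user, $query]) {
    foreach (['eventsUnchecked', 'eventsOwnerChecked'] as $handler) {
        $result = $handler($calendars, $user, $query);
        printf("%-18s user=%s calendar_id=%s -> %s\n",
            $handler, $user, $query['calendar_id'], json_encode($result));
    }
}
```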
For more information please consult the official advisory.
This advisory is licensed CC BY-SA 4.0
CPE Name | Operator | Version
---|---|---
owncloud server | lt | 5.0.6
owncloud server | lt | 4.5.11