The configuration loader in ownCloud 5.0.x before 5.0.6 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information.
For more information please consult the official advisory.
This advisory is licensed CC BY-SA 4.0
CPE | Name | Operator | Version |
---|---|---|---|
owncloud server | lt | 5.0.6 |