Improper Validation in the User's Avatar Mechanism - ownCloud

2024-04-1900:00:00

owncloud.com

improper validation

user's avatar mechanism

owncloud

authenticated attacker

denial of service

consuming resources.

6.8 Medium

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

JSON

Improper Validation in the User’s Avatar Mechanism may allow an authenticated attacker to edit their own profile in a way that consumes a substantial amount of resources, creating a Denial of Service.

Affected configurations

Vulners

Node

owncloudowncloudRange<10.14.0

CPENameOperatorVersion
owncloud (owncloud/core)lt10.14.0

CPE	Name	Operator	Version
	owncloud (owncloud/core)	lt	10.14.0