2 matches found
CVE-2013-0300
Multiple cross-site request forgery CSRF vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that 1 change the default view via the v parameter to apps/calendar/ajax/changeview.php, mount arbitrary 2 Google Drive or 3 Dropbox...
CVE-2013-0300
CVE-2013-0300 affects ownCloud 4.5.x (before 4.5.7) and related versions, introducing multiple CSRF vulnerabilities in endpoints such as apps/calendar/ajax/changeview.php, apps/files_external/ajax/, and apps/user_webdavauth/settings.php. The flaws allow remote attackers to hijack user authenticat...