0.001 Low
EPSS
Percentile
36.0%
The shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permission checks for upload only shares and list metadata about the share.
doc.owncloud.com/server/admin_manual/release_notes.html
launchpad.net/bugs/cve/CVE-2021-35949
nvd.nist.gov/vuln/detail/CVE-2021-35949
owncloud.com/security-advisories/cve-2021-35949/
security-tracker.debian.org/tracker/CVE-2021-35949
www.cve.org/CVERecord?id=CVE-2021-35949