The public share controller in the ownCloud server before version 10.8.0 allows a remote malicious user to see the internal path and the username of a public share by including invalid characters in the URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
owncloud owncloud |