Session fixation on password protected public links in the ownCloud Server prior to 10.8.0 allows an malicious user to bypass the password protection when they can force a target client to use a controlled cookie.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
owncloud owncloud |