Sponsor of the Day:
Jerkmate
https://owncloud.com/security-advisories/possibility-to-extend-internal-share-permissions-using-the-api/
Possibility to extend internal share permissions using the API - ownCloud security advisory
Nov 16, 2020 - ownCloud security advisory: Possibility to extend internal share permissions using the API.
owncloud security advisorypermissions usingpossibilityextendinternal
https://owncloud.com/security-advisories/access-to-all-file-versions/
Access to all file-versions of a user - ownCloud security advisory
Nov 17, 2020 - An authenticated attacker can access all versions of all files (even unshared) as soon as the owner of said files has at least one outgoing share with the
owncloud security advisoryaccessfileversionsuser
https://owncloud.com/security-advisories/local-code-injection/
Local Code Injection – ownCloud Security Advisory
May 19, 2021 - The ownCloud Client was vunerable to a local code injection attack. A malicious local user could create a special path where the client would load libraries
owncloud security advisorylocal codeinjection
https://owncloud.com/security-advisories/xss-in-error-page/
XSS in Error Page - ownCloud security advisory
Nov 16, 2020 - ownCloud security advisory: An attacker can inject HTML script code into a error message.
owncloud security advisoryxsserror