Arbitrary Calendar Reading Vulnerability in ownCloud Server
CVE-2015-6670 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x before 8.1.1 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to apps/calendar/export.php.
Learn more about our Cis Benchmark Audit For Server Software.