Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The import functionality in the bookmarks application in ownCloud server before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 does not validate CSRF tokens, which allow remote attackers to conduct CSRF attacks.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OwnCloud Bookmarks 跨站请求伪造漏洞
Vulnerability Description
OwnCloud是德国OwnCloud公司的一套免费且开源的个人云存储解决方案;OwnCloud Server是一个服务器版。bookmarks是其中的一个书签应用程序。 OwnCloud server的bookmarks应用程序中的import功能存在安全漏洞,该漏洞源于程序没有验证CSRF令牌。远程攻击者可利用该漏洞实施跨站请求伪造攻击。以下版本受到影响:ownCloud server 5.0.18之前版本,6.0.6之前6.x版本,7.0.3之前7.x版本。
CVSS Information
N/A
Vulnerability Type
N/A