ownCloud - HackerOne Reports
View on HackerOne31
Total Reports
2
Critical
3
High
5
Medium
9
Low
Banner Grabbing - Apache Server Version Disclousure
Reported by:
cybertiger
|
Disclosed:
Weakness: Information Disclosure
Password Complexity Not Enforced On Password Change
Reported by:
cosmopolitan_fi
|
Disclosed:
Low
Weakness: Violation of Secure Design Principles
This is not the security issue.
Reported by:
utkarsh123
|
Disclosed:
Federated share permissions can be increased by recipient
Reported by:
rullzer
|
Disclosed:
Medium
Bounty: $500.00
doc.owncloud.com: CVE-2015-5477 BIND9 TKEY Vulnerability + Exploit (Denial of Service)
Reported by:
m4nx
|
Disclosed:
High
Cross-Site Request Forgery
Reported by:
pascal_geuter
|
Disclosed:
High
Weakness: Cross-Site Request Forgery (CSRF)
HTML injection in Desktop Client
Reported by:
lukasreschke
|
Disclosed:
Low
Weakness: Cross-site Scripting (XSS) - Generic
Remote Code Execution through "Files_antivirus" plugin
Reported by:
pabl00nicarres
|
Disclosed:
Medium
Weakness: Code Injection
Accessable Htaccess
Reported by:
akshay_raj
|
Disclosed:
Weakness: Information Disclosure
HTML Injection in Owncloud
Reported by:
sinkmanu
|
Disclosed:
Medium
Weakness: Resource Injection
Bounty: $150.00
Outdated Jenkins server hosted at OwnCloud.org
Reported by:
computer-engineer
|
Disclosed:
Weakness: Information Disclosure
Previous
Page 2 of 2