Skip to main content

Anti Virus For Owncloud

1 CVEs product

Monthly

CVE-2025-53830 CRITICAL PATCH Act Now

Server-Side Request Forgery in the Anti-Virus for ownCloud extension (versions before 1.2.3, shipping with ownCloud 10 prior to 10.15.3) lets an authenticated high-privileged user coerce the server into issuing attacker-controlled requests, with a scope-changed CVSS of 9.1 reflecting reach into internal systems. The flaw was reported through ownCloud's security advisory program (GHSA-3wg4-mg27-hj4w); there is no public exploit identified at time of analysis and it is not listed in CISA KEV. A vendor-released patch exists: Anti-Virus for ownCloud 1.2.3 / ownCloud 10.15.3.

SSRF Anti Virus For Owncloud Owncloud 10
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.3%
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Server-Side Request Forgery in the Anti-Virus for ownCloud extension (versions before 1.2.3, shipping with ownCloud 10 prior to 10.15.3) lets an authenticated high-privileged user coerce the server into issuing attacker-controlled requests, with a scope-changed CVSS of 9.1 reflecting reach into internal systems. The flaw was reported through ownCloud's security advisory program (GHSA-3wg4-mg27-hj4w); there is no public exploit identified at time of analysis and it is not listed in CISA KEV. A vendor-released patch exists: Anti-Virus for ownCloud 1.2.3 / ownCloud 10.15.3.

SSRF Anti Virus For Owncloud Owncloud 10
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy