ownCloud Improper Restriction of XML External Entity Reference Vulnerability - CVE-2014-2052 - Vulnerability Database

ownCloud Improper Restriction of XML External Entity Reference Vulnerability - CVE-2014-2052

Critical

Reference: CVE-2014-2052

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-2052

Title: ownCloud Improper Restriction of XML External Entity Reference Vulnerability

Overview:

Zend Framework as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2 allows remote attackers to read arbitrary files cause a denial of service or possibly have other impact via an XML External Entity (XXE) attack.