ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-9049)
Description
The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method.