CVE-2014-2050

Name of the Vulnerable Software and Affected Versions ownCloud Server versions prior to 5.0.15 ownCloud Server versions 6.0.x prior to 6.0.2

Description A cross-site request forgery (CSRF) issue allows remote attackers to hijack user authentication for password reset requests by crafting an HTTP Host header.

Recommendations For ownCloud Server versions prior to 5.0.15, update to version 5.0.15 or later. For ownCloud Server versions 6.0.x prior to 6.0.2, update to version 6.0.2 or later.