PT-2021-9144 · Owncloud · Owncloud

Published: 2021-02-19 · Updated: 2021-02-25 · CVE-2020-10252

CVSS v3.1: 8.3 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

Name of the Vulnerable Software and Affected Versions: ownCloud versions prior to 10.4

Description: ownCloud is affected by a Server-Side Request Forgery (SSRF) issue via the apps/files_sharing/external remote parameter. It allows an authenticated attacker to interact with local services blindly (known as Blind SSRF) or to conduct a denial-of-service attack.

Recommendations: For versions prior to 10.4, update to version 10.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the apps/files_sharing/external remote parameter to minimize the risk of exploitation.

Exploit

Fix

DoS

SSRF

Weakness Enumeration

Related Identifiers

CVE-2020-10252

Affected Products

Owncloud