Vulnerabilities > Owncloud > Owncloud Server > 6.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-11 | CVE-2014-2052 | XXE vulnerability in Owncloud Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack. | 9.8 |
| 2020-01-23 | CVE-2014-2050 | Cross-Site Request Forgery (CSRF) vulnerability in Owncloud Cross-site request forgery (CSRF) vulnerability in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2 allows remote attackers to hijack the authentication of users for requests that reset passwords via a crafted HTTP Host header. | 6.5 |