VYPR

OwnCloud

by Kiteworks

CVEs (1)

  • CVE-2023-7273MedOct 1, 2024
    risk 0.44cvss 6.8epss 0.00

    Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge requests. If a request has no Authorization header, it is created with an empty string as value by a rewrite rule. The CSRF check is done by comparing the header value to null, meaning…