ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim, to access any version of any file by sending a request for a predictable ID number.
{ "cpe": "cpe:2.3:a:owncloud:owncloud_server:*:*:*:*:*:*:*:*", "extracted_events": [ { "introduced": "10.0.9" }, { "fixed": "10.3.1" } ], "source": "CPE_RANGE" }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36252.json"