CVE-2013-1963 Information

Description

The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts which allows remote authenticated users to download arbitrary contacts via unspecified vectors.

Reference

http://owncloud.org/about/security/advisories/oC-SA-2013-018/