CVE-2014-3835 Information

Description

ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check permissions to the files_external application which allows remote authenticated users to add external storage via unspecified vectors.

Reference

http://owncloud.org/about/security/advisories/oc-sa-2014-012/