Back to overview

CVE-2025-53828

HIGH
8.5
CVSS 3.1
Description
SharePoint for ownCloud is an application for using SharePoint with the file storage, synchronization, and sharing application ownCloud Classic. In SharePoint for ownCloud prior to version 0.4.1, which corresponds to ownCloud 10 prior to 10.15.3, an attacker with administrative privileges can use a SSRF vulnerability in the SharePoint app to execute arbitrary code on the system. Upgrade ownCloud 10 to version 10.15.3 or later to receive SharePoint for ownCloud 0.4.1, the fixed version.

Metadata

CVE ID
CVE-2025-53828
State
PUBLISHED
Assigner
GitHub_M
Reserved
2025-07-09 14:14 UTC
Published
2026-07-06 14:41 UTC
Last updated
2026-07-06 14:41 UTC
Primary CWE
CWE-918
CWE-918: Server-Side Request Forgery (SSRF)
Vendor / Product
owncloud / SharePoint
Sources
cve.org  ·  NVD

Severity & Metrics

8.5 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected products (2)
VendorProductPlatformVersions
owncloud ownCloud 10 < 10.15.3
owncloud SharePoint < 0.4.1
Weakness (CWE)
CWESourceDescription
CWE-918 cna CWE-918: Server-Side Request Forgery (SSRF)
CVSS scores (1)
ScoreSeverityVersionSourceVector
8.5 HIGH 3.1 cna CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
References (1)
Back to overview