CVE-2025-53830 PUBLISHED

Anti-Virus for ownCloud 10 is vulnerable to Server-Side Request Forgery (SSRF)

Assigner: GitHub_M
Reserved: 09.07.2025 Published: 06.07.2026 Updated: 06.07.2026

Anti-Virus for ownCloud is an anti-virus application for file storage, synchronization, and sharing application ownCloud. Versions of Anti-Virus for ownCloud before 1.2.3 are vulnerable to Server-Side Request Forgery (SSRF). This corresponds to versions of ownCloud 10 prior to 10.15.3. Upgrade ownCloud 10 to version 10.15.3 or later or upgrade Anti-Virus for ownCloud 10 to version 1.2.3 or later to receive a fix.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVSS Score: 9.1

Product Status

Vendor owncloud
Product Anti-Virus for ownCloud
Versions
  • Version < 1.2.3 is affected
Vendor owncloud
Product ownCloud 10
Versions
  • Version < 10.15.3 is affected

References

Problem Types

  • CWE-918: Server-Side Request Forgery (SSRF) CWE