Remote Code Execution Vulnerability in SharePoint for ownCloud by ownCloud
CVE-2025-53828

8.5HIGH

Key Information:

Vendor

Owncloud

Vendor
CVE Published:
6 July 2026

What is CVE-2025-53828?

A vulnerability in SharePoint for ownCloud allows attackers with administrative privileges to exploit a Server-Side Request Forgery (SSRF) flaw. This issue permits unauthorized execution of arbitrary code on the host system, posing significant risks to data integrity and system security. Users are encouraged to update to ownCloud version 10.15.3 or later to mitigate this vulnerability by using SharePoint for ownCloud version 0.4.1, which contains the necessary security fixes.

Affected Version(s)

ownCloud 10 < 10.15.3

SharePoint < 0.4.1

References

CVSS V3.1

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.