CVE-2013-1963 on Ubuntu 14.04 LTS (trusty) - medium.
Description:
The contacts application in ownCloud before 4.5.10 and 5.x before 5.0.5 does not properly check the ownership of contacts, which allows remote authenticated users to download arbitrary contacts via unspecified vectors.