{
   "Title": "Calendar and addressbook names disclosed",
   "Timestamp": 1494244800,
   "Risk": 1,
   "CVSS3": {
     "score": 3.5,
     "vector": "AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"
   },
   "CWE": {
      "id": 548,
      "name": "Information Exposure Through Directory Listing"
   },
   "HackerOne": 203594,
   "Affected":[
      {
         "Version":"11.0.2",
         "CVE":"CVE-2017-0895",
         "Operator":"<"
      },
      {
         "Version":"10.0.4",
         "CVE":"CVE-2017-0895",
         "Operator":"<"
      }
   ],
   "Description":"A logical error caused disclosure of calendar and addressbook names to other logged-in users. Note that no actual content of the calendar and adressbook has been disclosed.",
   "ActionTaken": "The error has been fixed and regression tests been added.",
   "Acknowledgment":[
      {
         "Name": "Julius Härtl",
         "Website": "https://juliushaertl.de",
         "Reason": "Vulnerability discovery and disclosure."
      }
   ],
   "Resolution": "It is recommended that all instances are upgraded to Nextcloud 11.0.3."
}