OwnCloud has fixed the issue in version 10.9.01 but urges customers to change their OwnCloud admin password, database and mail server credentials. A critical vulnerability has been identified in the OwnCloud “graphapi” app, enabling threat actors to gain access to sensitive information in containerized deployments.
Source: HackRead