CVE-2023-49103

ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo() via GetPhpInfo.php, including administrative credentials. Vendor/Product: ownCloud ownCloud graphapi. Added to CISA KEV 2023-11-30; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.