Multiple vulnerabilities has been discovered and corrected in owncloud:
* Login bypass when using user_ldap due to unauthenticated binds
(oC-SA-2014-020)
* Login bypass when using the external FTP user backend
(oC-SA-2014-022)
* CSRF in bookmarks application (oC-SA-2014-027)
* Stored XSS in bookmarks application (oC-SA-2014-028)
* Multiple stored XSS in contacts application (oC-SA-2015-001)
* Multiple stored XSS in documents application (oC-SA-2015-002)
* Bypass of file blacklist (oC-SA-2015-004)
The updated packages have been upgraded to the 5.0.19 version where
these security flaws has been fixed.