ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo() via GetPhpInfo.php, including administrative credentials.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.