Technically you can mount any place in the host as long as it’s accesible by the web server.
You could mount the root, so anyone who can access to the configured local external storage could see and download any file in the host, potentially getting access to sensitive information.
You could also mount the web server location, which could potentially allow you to change the code by uploading modified files there. This could easily break ownCloud, or be a huge security risk.
Obviously, you can use it properly, and mount folders such as “/opt” or “/mnt”, assuming they’re prepared to be used as such. On the other hand, it’s weird you need to access to the local FS out of the ownCloud’s data directory, and if you do, it might be a better option to use SFTP or SMB protocols and use specific accounts as if you’re accessing remotely to those files.