Description

The configuration loader in ownCloud 5.0.x before 5.0.6 allows remote attackers to obtain CSRF tokens and other sensitive information by reading an unspecified JavaScript file.

Remediation

References

CVE-2013-2086

Related Vulnerabilities

WordPress Plugin Smart Manager for WooCommerce & WPeC SQL Injection (3.9.6)

WordPress Plugin Prismatic Multiple Cross-Site Scripting Vulnerabilities (2.7)

WordPress Plugin WP Easy Gallery Multiple Unspecified Vulnerabilities (2.7)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-4250)

WordPress Plugin Swipe Checkout for WooCommerce Cross-Site Scripting (2.7.1)

Severity

Medium

Classification

CVE-2013-2086 CWE-200

Tags

Missing Update Known Vulnerabilities