Description

Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js in ownCloud before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter.

Remediation

References

CVE-2012-4394

Related Vulnerabilities

WordPress Plugin Advanced Access Manager Multiple Vulnerabilities (6.6.1)

Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-15842)

WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.17)

WordPress Plugin BP Group Documents Multiple Vulnerabilities (1.2.1)

WordPress Plugin WordPress Alipay/Tenpay/PayPal Cross-Site Scripting (3.6.0)

Severity

Medium

Classification

CVE-2012-4394 CWE-707

Tags

Missing Update Known Vulnerabilities