Description

Cross-site scripting (XSS) vulnerability in index.php in ownCloud before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the redirect_url parameter.

Remediation

References

CVE-2012-4395

Related Vulnerabilities

WordPress Plugin YITH WooCommerce Waiting List Security Bypass (1.3.9)

WordPress Plugin Ultimate FAQ Cross-Site Scripting (1.8.21)

WordPress Plugin Fancy Product Designer-WooCommerce SQL Injection (4.7.4)

WordPress Plugin All Video Gallery 'vid' Parameter Multiple SQL Injection Vulnerabilities (1.1)

MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9071)

Severity

Medium

Classification

CVE-2012-4395 CWE-707

Tags

Missing Update Known Vulnerabilities