Description
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) calendar displayname to part.choosecalendar.rowfields.php or (2) part.choosecalendar.rowfields.shared.php in apps/calendar/templates/; or (3) unspecified vectors to apps/contacts/lib/vcard.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Job Manager Cross-Site Scripting (1.26.1)
WordPress Plugin Jibu Pro Cross-Site Scripting (1.7)
MySQL CVE-2022-21321 Vulnerability (CVE-2022-21321)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43559)
WordPress Plugin Theme Demo Import Arbitrary File Upload (1.1.0)