Description
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) readyCallback parameter to apps/files_odfviewer/src/webodf/webodf/flashput/PUT.swf, the (2) root parameter to apps/gallery/templates/index.php, or a (3) malformed query to lib/db.php.
Remediation
References
Related Vulnerabilities
Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-5545)
WordPress 4.2.3 Multiple Vulnerabilities (0.7 - 4.2.3)
MySQL CVE-2012-3173 Vulnerability (CVE-2012-3173)
MySQL CVE-2014-4240 Vulnerability (CVE-2014-4240)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.8.7)