Description
Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php.
Remediation
References
Related Vulnerabilities
ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9407)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2355)
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-41080)