Description
Cross-site scripting (XSS) vulnerability in settings.php in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allows remote administrators to inject arbitrary web script or HTML via the group input field parameter.
Remediation
References
Related Vulnerabilities
Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-7234)
PHP Out-of-bounds Read Vulnerability (CVE-2019-11036)
WordPress Plugin PHPFreeChat 'url' Parameter Cross-Site Scripting (0.2.8)
WordPress Plugin YOP Poll Cross-Site Scripting (6.0.2)
WordPress Plugin Billplz for WooCommerce Unspecified Vulnerability (3.10)