Description
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) new_name parameter to apps/bookmarks/ajax/renameTag.php or (2) multiple unspecified parameters to unknown files in apps/contacts/ajax/.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy Forms for MailChimp Local File Inclusion (6.0.5.5)
phpList Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-3188)
Apache Tomcat Improper Access Control Vulnerability (CVE-2016-5388)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0346)