Description

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.16 and 5.x before 5.0.7 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to shared files.

Remediation

References

CVE-2013-2149

Related Vulnerabilities

YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4940)

PHP Other Vulnerability (CVE-2007-1777)

WordPress Plugin Fonts-Google Fonts Typography Cross-Site Scripting (3.0.2)

WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Request Forgery (2.2)

MySQL CVE-2016-0650 Vulnerability (CVE-2016-0650)

Severity

Low

Classification

CVE-2013-2149 CWE-707

Tags

Missing Update Known Vulnerabilities