Description

Cross-site scripting (XSS) vulnerability in the Documents component in ownCloud Server 6.0.x before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the print_unescaped function.

Remediation

References

CVE-2014-3832

Related Vulnerabilities

WordPress Plugin Social Auto Poster-WordPress Scheduler & Marketing Arbitrary File Upload (5.3.14)

WordPress Plugin FormGet Contact Form Cross-Site Scripting (5.3)

Moodle Improper Authentication Vulnerability (CVE-2014-3552)

WordPress Plugin YITH WooCommerce Authorize.net Payment Gateway Security Bypass (1.1.12)

WordPress Plugin Developer Tools Arbitrary File Upload (1.1.4)

Severity

Medium

Classification

CVE-2014-3832 CWE-707

Tags

Missing Update Known Vulnerabilities