Description
Cross-site scripting (XSS) vulnerability in the import functionality in the bookmarks application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote authenticated users to inject arbitrary web script or HTML by importing a link with an unspecified protocol. NOTE: this can be leveraged by remote attackers using CVE-2014-9041.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gallery Plugin for WordPress-Envira Photo Gallery Cross-Site Scripting (1.8.3.2)
Magento CVE-2019-8111 Vulnerability (CVE-2019-8111)
WordPress Plugin School Management System-WPSchoolPress Multiple Vulnerabilities (2.1.9)
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-39275)
WordPress Plugin Database Backups Cross-Site Request Forgery (1.2.2.6)