Description
Cross-site scripting (XSS) vulnerability in the activity application in ownCloud Server before 7.0.5 and 8.0.x before 8.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a " (double quote) character in a filename in a shared folder.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Custom Global Variable Unspecified Vulnerability (3.0.0)
WordPress Plugin Mail Subscribe List Unspecified Vulnerability (2.0.9)
Atlassian Jira Insufficient Session Expiration Vulnerability (CVE-2021-39113)
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15700)