ownCloud Multiple Cross Site Scripting Vulnerabilities -01 May14

Summary
This host is installed with ownCloud and is prone to multiple cross-site scripting vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. Impact Level: Application
Solution
Upgrade to ownCloud version 4.5.8 or later, For updates refer to http://owncloud.org
Insight
Multiple flaws exists due to insufficient validation of user-supplied input passed via the 'quota' POST parameter to setquota.php within /core/settings/ajax, 'group' parameter passed to the settings.php script and 'shareWith' parameter passed to the core/js/share.js script.
Affected
ownCloud Server 4.5.x before version 4.5.8
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References