Description

Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud Server before 6.0.3 allow remote attackers to hijack the authentication of users for requests that (1) conduct cross-site scripting (XSS) attacks, (2) modify files, or (3) rename files via unspecified vectors.

Remediation

References

CVE-2014-3836

Related Vulnerabilities

WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.1.9)

WordPress Plugin MailPoet-emails and newsletters in WordPress Cross-Site Scripting (3.23.1)

jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)

Oracle Application Server Other Vulnerability (CVE-2002-0947)

WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Directory Traversal (3.1.4)

Severity

Medium

Classification

CVE-2014-3836 CWE-352

Tags

Missing Update Known Vulnerabilities