Description ownCloud (Core) before 10.5 allows XSS in login page 'forgot password.' Remediation References CVE-2020-16255 Related Vulnerabilities TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663) WordPress Plugin Matrix Gallery 'upload.php' Arbitrary File Upload (2.1) WordPress Plugin NextGEN Gallery-WordPress Gallery SQL Injection (3.2.10) PostgreSQL Other Vulnerability (CVE-2002-1398) WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-7755) Severity Medium Classification CVE-2020-16255 Tags Missing Update Known Vulnerabilities