Description

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2013-2040

Related Vulnerabilities

Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-7675)

Oracle JRE CVE-2013-5782 Vulnerability (CVE-2013-5782)

Drupal CVE-2017-6925 Vulnerability (CVE-2017-6925)

Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-7951)

WordPress Plugin WP Symposium Arbitrary File Upload (14.11)

Severity

Low

Classification

CVE-2013-2040 CWE-707

Tags

Missing Update Known Vulnerabilities