Description

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.16 and 5.x before 5.0.7 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to shared files.

Remediation

References

CVE-2013-2149

Related Vulnerabilities

WordPress Plugin WP-RESTful Multiple Cross-Site Scripting Vulnerabilities (0.1)

LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-17660)

WordPress Plugin Polldaddy Polls & Ratings Unspecified Vulnerability (2.0.25)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3394)

WordPress Plugin XData Toolkit Arbitrary File Upload (1.9)

Severity

Low

Classification

CVE-2013-2149 CWE-707

Tags

Missing Update Known Vulnerabilities