Description
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.16 and 5.x before 5.0.7 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to shared files.
Remediation
References
Related Vulnerabilities
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3742)
WordPress Plugin Dean's FCKEditor with pwwang's code Arbitrary File Upload (1.0.0)
Handlebars Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2019-20922)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-3230)