ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2149)

Description

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.16 and 5.x before 5.0.7 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to shared files.

Remediation

References

CVE-2013-2149

Related Vulnerabilities

MySQL CVE-2020-14697 Vulnerability (CVE-2020-14697)

Oracle Application Server CVE-2006-0285 Vulnerability (CVE-2006-0285)

Python CVE-2020-27619 Vulnerability (CVE-2020-27619)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3818)

Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-26691)

Severity

Low

Classification

CVE-2013-2149 CWE-707