Description
Multiple cross-site scripting (XSS) vulnerabilities in js/viewer.js in ownCloud before 4.5.12 and 5.x before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via vectors related to shared files.
Remediation
References
Related Vulnerabilities
WordPress Plugin SpamTask Arbitrary File Upload (1.3.6)
WordPress Plugin Booster for WooCommerce Multiple Vulnerabilities (5.6.6)
WordPress Plugin Integrator 'redirect_to' Parameter Cross-Site Scripting (1.32)
WordPress Plugin Yasr-Yet Another Stars Rating SQL Injection (0.9.0)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3617)