Description

Cross-site scripting (XSS) vulnerability in ownCloud before 6.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the filename of an uploaded file.

Remediation

References

CVE-2014-1665

Related Vulnerabilities

TwistedHTTP Request Splitting Vulnerability (CVE-2020-10108)

Joomla! Core 4.x.x Multiple Vulnerabilities (4.0.0 - 4.1.0)

Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-21673)

WordPress 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1893)

Severity

Medium

Classification

CVE-2014-1665 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities