Description

Cross-site scripting (XSS) vulnerability in the Documents component in ownCloud Server 6.0.x before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the print_unescaped function.

Remediation

References

CVE-2014-3832

Related Vulnerabilities

WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files SQL Injection (3.1.0.3)

MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2335)

WordPress Plugin CP Contact Form with PayPal Cross-Site Scripting (1.2.97)

MySQL CVE-2019-2686 Vulnerability (CVE-2019-2686)

WordPress Plugin Simple 301 Redirects by BetterLinks Multiple Security Bypass Vulnerabilities (2.0.3)

Severity

Medium

Classification

CVE-2014-3832 CWE-707

Tags

Missing Update Known Vulnerabilities