Description
Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2. To be exploitable a user has to write or paste malicious content into the search dialogue.
Remediation
References
Related Vulnerabilities
Atlassian Confluence Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-22504)
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10678)
WordPress Plugin Clipboard Images Arbitrary File Upload (0.3)
WordPress Plugin Import all XML, CSV & TXT into WordPress Server-Side Request Forgery (6.5.2)