Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-9042
HistoryFeb 04, 2015 - 6:59 p.m.

CVE-2014-9042

2015-02-0418:59:00
CWE-79
[email protected]
web.nvd.nist.gov
15
cve-2014-9042
cross-site scripting
xss
vulnerability
bookmark application
owncloud
remote authenticated users
arbitrary web script
html
protocol
remote attackers
cve-2014-9041

5.2 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

29.8%

JSON

Cross-site scripting (XSS) vulnerability in the import functionality in the bookmarks application in ownCloud before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote authenticated users to inject arbitrary web script or HTML by importing a link with an unspecified protocol. NOTE: this can be leveraged by remote attackers using CVE-2014-9041.

Related

prion 2
cvelist 2
owncloud 4
nessus 1
securityvulns 2
openvas 1
cve 1
prion
prion
Cross site scripting
2015-02-04 18:59:00
Cross site request forgery (csrf)
2015-02-04 18:59:00
cvelist
cvelist
CVE-2014-9042
2015-02-04 18:00:00
CVE-2014-9041
2015-02-04 18:00:00
owncloud
owncloud
Stored XSS in "bookmarks" application - ownCloud
2014-11-25 18:41:29
Server: Stored XSS in "bookmarks" application
2014-11-25 15:00:00
CSRF in "bookmarks" application - ownCloud
2014-11-25 18:40:51
nessus
nessus
Mandriva Linux Security Advisory : owncloud (MDVSA-2015:190)
2015-04-03 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:190 ] owncloud
2015-05-05 00:00:00
owncloud multiple security vulnerabilities
2015-05-05 00:00:00
openvas
openvas
ownCloud Multiple Vulnerabilities -02 (Feb 2015)
2015-02-19 00:00:00
cve
cve
CVE-2014-9041
2015-02-04 18:59:00

5.2 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

29.8%

JSON
Related for CVE-2014-9042
prion2cvelist2owncloud4nessus1securityvulns2openvas1cve1