Lucene search
HistoryOct 21, 2015 - 3:59 p.m.
CVE-2015-5953
owncloud
server
xss
vulnerability
cve-2015-5953
security
nvd
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.2%
Cross-site scripting (XSS) vulnerability in the activity application in ownCloud Server before 7.0.5 and 8.0.x before 8.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a " (double quote) character in a filename in a shared folder.
Affected configurations
Node
owncloudowncloudRange≤7.0.4
ORowncloudowncloudMatch8.0.0
ORowncloudowncloudMatch8.0.2
ORowncloudowncloudMatch8.0.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| owncloud:owncloud | owncloud | le | 7.0.4 |
| owncloud:owncloud | owncloud | eq | 8.0.0 |
| owncloud:owncloud | owncloud | eq | 8.0.2 |
| owncloud:owncloud | owncloud | eq | 8.0.3 |
Related
openvas
openvas
ownCloud Stored XSS Vulnerability (oC-SA-2015-010) - Windows
2016-09-23 00:00:00
ownCloud Stored XSS Vulnerability (oC-SA-2015-010) - Linux
2016-09-23 00:00:00
Debian: Security Advisory (DSA-3373-1)
2015-10-17 00:00:00
prion
prion
Cross site scripting
2015-10-21 15:59:00
cvelist
cvelist
CVE-2015-5953
2015-10-21 15:00:00
owncloud
owncloud
Server: Stored XSS in "activity" application
2015-08-03 14:56:11
Stored XSS in "activity" application - ownCloud
2015-06-24 18:49:05
ubuntucve
ubuntucve
CVE-2015-5953
2015-10-21 00:00:00
nvd
nvd
CVE-2015-5953
2015-10-21 15:59:00
debian
debian
[SECURITY] [DSA 3373-1] owncloud security update
2015-10-18 13:49:47
[SECURITY] [DSA 3373-1] owncloud security update
2015-10-18 13:49:47
securityvulns
securityvulns
owncloud multiple security vulnerabilities
2015-10-25 00:00:00
[SECURITY] [DSA 3373-1] owncloud security update
2015-10-25 00:00:00
nessus
nessus
Debian DSA-3373-1 : owncloud - security update
2015-10-19 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.2%
Related for CVE-2015-5953