CVE-2020-16255

2021-01-1518:15:13

Google

osv.dev

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.3%

JSON

ownCloud (Core) before 10.5 allows XSS in login page ‘forgot password.’

CPENameOperatorVersion
coreeq10.0.8RC2
coreeq4.5.0RC1
coreeq4.0.3
coreeq2.0beta3
coreeq3.0RC1
coreeq10.0.2RC1
rubyeq1.8.7_p174-r0
coreeq10.0.9RC2
coreeq10.0.9beta
coreeq10.0.9RC4

Name	Operator	Version
core	eq	10.0.8RC2
core	eq	4.5.0RC1
core	eq	4.0.3
core	eq	2.0beta3
core	eq	3.0RC1
core	eq	10.0.2RC1
ruby	eq	1.8.7_p174-r0
core	eq	10.0.9RC2
core	eq	10.0.9beta
core	eq	10.0.9RC4

Rows per page:

1-10 of 1931

References

owncloud.com/security-advisories/reflected-xss-in-login-page-forgot-password-functionallity/

owncloud.org/security/advisories/