Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
owncloudOwnCloudOC-SA-2012-001
HistoryAug 24, 2012 - 11:42 a.m.

Server: Multiple XSS vulnerabilities

2012-08-2411:42:22
owncloud.org
17

0.0004 Low

EPSS

Percentile

5.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.0 allow remote attackers to inject arbitrary web script or HTML via

  • the filename to to versions.js in apps/files_versions/js/
  • the filename to filelist.js in apps/files/js/
  • the event title to fullcalendar.js in 3rdparty/fullcalendar/js/

For more information please consult the official advisory.

This advisory is licensed CC BY-SA 4.0

Related

nvd 1
owncloud 1
cve 1
prion 1
cvelist 1
veracode 3
nessus 1
redhat 1
nvd
nvd
CVE-2012-5605
2013-01-04 22:55:02
owncloud
owncloud
Multiple XSS vulnerabilities - ownCloud
2012-08-24 09:24:57
cve
cve
CVE-2012-5605
2013-01-04 22:55:02
prion
prion
Default configuration
2013-01-04 22:55:00
cvelist
cvelist
CVE-2012-5605
2013-01-04 22:00:00
veracode
veracode
Information Disclosure
2019-05-02 04:41:52
Privilege Escalation
2019-05-02 04:41:52
Information Disclosure
2019-05-02 04:41:51
nessus
nessus
RHEL 5 / 6 : CloudForms System Engine 1.1 update (Important) (RHSA-2012:1543)
2024-04-27 00:00:00
redhat
redhat
(RHSA-2012:1543) Important: CloudForms System Engine 1.1 update
2012-12-04 00:00:00

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for OC-SA-2012-001
nvd1owncloud1cve1prion1cvelist1veracode3nessus1redhat1