Server: XSS vulnerability in user_webdavauth

2012-11-14T10:42:22
ID OC-SA-2012-003
Type owncloud
Reporter ownCloud
Modified 2012-11-14T10:42:22

Description

A cross-site scripting (XSS) vulnerability in ownCloud 4.5.x before 4.5.2 allow remote attackers to inject arbitrary web script or HTML via the POST data to settings.php in apps/user_webdavauth/


For more information please consult the official advisory.

This advisory is licensed CC BY-SA 4.0