Server: XSS vulnerability in user_webdavauth

ID OC-SA-2012-003
Type owncloud
Reporter ownCloud
Modified 2012-11-14T10:42:22


A cross-site scripting (XSS) vulnerability in ownCloud 4.5.x before 4.5.2 allow remote attackers to inject arbitrary web script or HTML via the POST data to settings.php in apps/user_webdavauth/

For more information please consult the official advisory.

This advisory is licensed CC BY-SA 4.0