Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
owncloudOwnCloudOC-SA-2012-021
HistoryJul 04, 2012 - 11:42 a.m.

Server: Multiple stored XSS

2012-07-0411:42:22
owncloud.org
19

0.002 Low

EPSS

Percentile

53.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.1 allow remote attackers to inject arbitrary web script or HTML via

  • the calendar displayname to part.choosecalendar.rowfields.php
  • part.choosecalendar.rowfields.shared.php in apps/calendar/templates/
  • unspecified vectors to apps/contacts/lib/vcard.php

For more information please consult the official advisory.

This advisory is licensed CC BY-SA 4.0

CPENameOperatorVersion
owncloud serverlt4.0.1

Related

owncloud 5
ubuntucve 1
openvas 1
cve 1
prion 1
cvelist 1
nvd 1
owncloud
owncloud
Multiple reflected XSS - ownCloud
2012-07-11 17:24:59
Server: Reflected XSS
2012-06-23 11:42:22
Reflected XSS - ownCloud
2012-06-23 17:23:20
ubuntucve
ubuntucve
CVE-2012-4395
2012-09-05 00:00:00
openvas
openvas
ownCloud < 4.0.3 XSS Vulnerability (oC-SA-2012-019)
2021-09-21 00:00:00
cve
cve
CVE-2012-4395
2022-10-03 16:15:32
prion
prion
Cross site scripting
2012-09-05 23:55:00
cvelist
cvelist
CVE-2012-4395
2022-10-03 16:15:32
nvd
nvd
CVE-2012-4395
2012-09-05 23:55:03

0.002 Low

EPSS

Percentile

53.5%

JSON
Related for OC-SA-2012-021
owncloud5ubuntucve1openvas1cve1prion1cvelist1nvd1