Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
owncloudOwnCloudOC-SA-2013-028
HistoryJun 06, 2013 - 11:42 a.m.

Server: Multiple XSS vulnerabilities

2013-06-0611:42:22
owncloud.org
31

EPSS

0.001

Percentile

30.0%

JSON

Cross-site scripting (XSS) vulnerabilities in js/viewer.js inside the files_videoviewer application via multiple unspecified vectors in all ownCloud versions prior to 5.0.7 and 4.5.12 allows authenticated remote attackers to inject arbitrary web script or HTML via shared files. (CVE-2013-2150)

Cross-site scripting (XSS) vulnerabilities in core/js/oc-dialogs.js via multiple unspecified vectors in all ownCloud versions prior to 5.0.7 and other versions before 4.0.16 allows authenticated remote attackers to inject arbitrary web script or HTML via shared files. (CVE-2013-2149)

For more information please consult the official advisory.

This advisory is licensed CC BY-SA 4.0

Related

owncloud 1
mageia 1
nessus 3
openvas 5
cvelist 2
cve 2
ubuntucve 2
prion 2
nvd 2
fedora 1
freebsd 1
owncloud
owncloud
Multiple XSS vulnerabilities - ownCloud
2013-06-06 18:14:16
mageia
mageia
Updated owncloud package fixes security vulnerabilities
2013-06-18 18:58:38
nessus
nessus
Mandriva Linux Security Advisory : owncloud (MDVSA-2013:175)
2013-06-18 00:00:00
FreeBSD : owncloud -- Multiple security vulnerabilities (d7a43ee6-d2d5-11e2-9894-002590082ac6)
2013-06-12 00:00:00
Fedora 18 : owncloud-4.5.12-1.fc18 (2013-10440)
2013-07-12 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0171)
2022-01-28 00:00:00
ownCloud Multiple Cross Site Scripting Vulnerabilities -02 (May 2014)
2014-05-06 00:00:00
ownCloud Multiple Cross Site Scripting Vulnerabilities -03 (May 2014)
2014-05-06 00:00:00
cvelist
cvelist
CVE-2013-2149
2014-03-14 16:00:00
CVE-2013-2150
2014-03-14 16:00:00
cve
cve
CVE-2013-2149
2014-03-14 16:55:05
CVE-2013-2150
2014-03-14 16:55:05
ubuntucve
ubuntucve
CVE-2013-2149
2014-03-14 00:00:00
CVE-2013-2150
2014-03-14 00:00:00
prion
prion
Cross site scripting
2014-03-14 16:55:00
Cross site scripting
2014-03-14 16:55:00
nvd
nvd
CVE-2013-2150
2014-03-14 16:55:05
CVE-2013-2149
2014-03-14 16:55:05
fedora
fedora
[SECURITY] Fedora 18 Update: owncloud-4.5.12-1.fc18
2013-06-24 03:27:14
freebsd
freebsd
owncloud -- Multiple security vulnerabilities
2013-05-14 00:00:00

EPSS

0.001

Percentile

30.0%

JSON
Related for OC-SA-2013-028
owncloud1mageia1nessus3openvas5cvelist2cve2ubuntucve2prion2nvd2fedora1freebsd1