Cross site scripting

2015-05-0814:59:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.3%

Cross-site scripting (XSS) vulnerability in WebODF before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via a file name.

CPENameOperatorVersion
webodflt0.5.4

CPE	Name	Operator	Version
	webodf	lt	0.5.4

References

www.securityfocus.com/bid/74577

github.com/kogmbh/WebODF/blob/master/ChangeLog.md

github.com/kogmbh/WebODF/pull/851

owncloud.org/security/advisory/?id=oc-sa-2015-002