XSS Vulnerability in MediaElement.js - ownCloud

A cross-site scripting XSS vulnerability in all ownCloud versions prior to 5.0.5 including the 4.5.x branch allows remote attackers to execute arbitrary javascript when a user opens a special crafted URL. This vulnerability exists in the bundled 3rdparty plugin "MediaElement.js", "MediaElement.js...

Server: XSS Vulnerability in jPlayer

A cross-site scripting XSS vulnerability in all ownCloud versions prior to 5.0.5 including the 4.0.x branch allows remote attackers to execute arbitrary javascript when a user opens a special crafted URL. This vulnerability exists in the bundled 3rdparty plugin "jPlayer", "jPlayer" released versi...