CVE-2012-5056

OwnCloud Server prior to 4.0.8 is affected by multiple XSS vulnerabilities. The issues allow remote attackers to inject arbitrary script/HTML via three vectors: (1) readyCallback in apps/files_odfviewer/src/webodf/webodf/flashput/PUT.swf, (2) root parameter to apps/gallery/templates/index.php, an...

Multiple XSS vulnerabilities - ownCloud

Multiple cross-site scripting XSS vulnerabilities in ownCloud before 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the readyCallback parameter to PUT.swf in apps/filesodfviewer/src/webodf/webodf/flashput/ the root parameter to index.php in apps/gallery/templates/ a...