CVE-2012-5606

OwnCloud contains multiple XSS vulnerabilities in versions before 4.0.9 and 4.5.0. The flaws allow remote injection of arbitrary scripts/HTML via (1) file name in apps/files_versions/js/versions.js, (2) apps/files/js/filelist.js, or (3) event title in 3rdparty/fullcalendar/js/fullcalendar.js. Roo...