2 matches found
CVE-2013-0297
CVE-2013-0297 concerns multiple XSS flaws in ownCloud prior to 4.0.12 and 4.5.x prior to 4.5.7. The vulnerabilities allow remote authenticated administrators to inject arbitrary script/HTML via the site_name or site_url parameters to apps/external/ajax/setsites.php. Connected sources confirm affe...
Server: Multiple XSS vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in ownCloud 4.5.6 and 4.0.11 and all prior versions allow remote attackers to inject arbitrary web script or HTML via the "sitename" and "siteurl" POST parameters to setsites.php in /apps/external/ajax/ CVE-2013-0297 Commits: e0140a stable45,...