2 matches found
CVE-2013-2149
CVE-2013-2149: ownCloud is vulnerable to cross-site scripting via shared files. Mageia MGASA-2013-0171 notes XSS in js/viewer.js and core/js/oc-dialogs.js, exploitable in all ownCloud versions before 5.0.7 and 4.0.16. Affected components include files_videoviewer; impact is arbitrary script injec...
Server: Multiple XSS vulnerabilities
Cross-site scripting XSS vulnerabilities in js/viewer.js inside the filesvideoviewer application via multiple unspecified vectors in all ownCloud versions prior to 5.0.7 and 4.5.12 allows authenticated remote attackers to inject arbitrary web script or HTML via shared files. CVE-2013-2150...