Lucene search

Ubuntu.comUB:CVE-2013-2040

HistoryMar 14, 2014 - 12:00 a.m.

CVE-2013-2040

2014-03-1400:00:00

ubuntu.com

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

EPSS

0.001

Percentile

30.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before
4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6 allow remote
authenticated users to inject arbitrary web script or HTML via unspecified
vectors.

Notes

Author	Note
mdeslaur	owncloud packages in Ubuntu are now empty

References

owncloud.org/about/security/advisories/oC-SA-2013-021/

launchpad.net/bugs/cve/CVE-2013-2040

nvd.nist.gov/vuln/detail/CVE-2013-2040

security-tracker.debian.org/tracker/CVE-2013-2040

www.cve.org/CVERecord?id=CVE-2013-2040

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

EPSS

0.001

Percentile

30.0%

JSON

Related for UB:CVE-2013-2040