First published: Wed Sep 05 2012(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) calendar displayname to part.choosecalendar.rowfields.php or (2) part.choosecalendar.rowfields.shared.php in apps/calendar/templates/; or (3) unspecified vectors to apps/contacts/lib/vcard.php.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
ownCloud ownCloud | <=4.0.0 | |
ownCloud ownCloud | =3.0.0 | |
ownCloud ownCloud | =3.0.1 | |
ownCloud ownCloud | =3.0.2 | |
ownCloud ownCloud | =3.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.