CVE-2013-0202: XSS
First published: Tue Dec 17 2019(Updated: )
Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ownCloud ownCloud | >=4.0.0<4.0.11 | |
| ownCloud ownCloud | >=4.5.0<4.5.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-0202?
The severity of CVE-2013-0202 is medium with a severity value of 6.1.
How does CVE-2013-0202 affect ownCloud?
CVE-2013-0202 affects ownCloud versions 4.5.5, 4.0.10, and earlier.
What is the vulnerability in CVE-2013-0202?
CVE-2013-0202 is a cross-site scripting (XSS) vulnerability.
How can an attacker exploit CVE-2013-0202?
An attacker can exploit CVE-2013-0202 by injecting arbitrary web script or HTML using the action parameter to core/ajax/sharing.php.
Are there any available fixes or patches for CVE-2013-0202?
Please refer to the official ownCloud security advisories for information on available fixes or patches.
- collector/nvd-index
- vendor/owncloud
- canonical/owncloud owncloud
- version/owncloud owncloud/4.0.0
- version/owncloud owncloud/4.5.0