What is the severity of CVE-2013-2042?

CVE-2013-2042 is rated as medium severity, indicating potential impact on user data and security.

How do I fix CVE-2013-2042?

To mitigate CVE-2013-2042, upgrade to ownCloud versions 4.0.15, 4.5.11, or 5.0.6 or later.

What are the consequences of exploiting CVE-2013-2042?

Exploitation of CVE-2013-2042 can allow an attacker to inject arbitrary web scripts or HTML, potentially leading to data theft or account compromise.

Which versions of ownCloud are affected by CVE-2013-2042?

CVE-2013-2042 affects ownCloud versions prior to 4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6.

Who can exploit CVE-2013-2042?

CVE-2013-2042 can be exploited by remote authenticated users, as it allows them to manipulate the url parameter.

Vulnerability/
CVE-2013-2042

low

3.5

CWE

14/3/2014

6/8/2024

CVE-2013-2042: XSS

First published: Fri Mar 14 2014(Updated: )

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via the url parameter to (1) apps/bookmarks/ajax/addBookmark.php or (2) apps/bookmarks/ajax/editBookmark.php.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
ownCloud	<=4.0.14
ownCloud	=4.0.0
ownCloud	=4.0.1
ownCloud	=4.0.2
ownCloud	=4.0.3
ownCloud	=4.0.4
ownCloud	=4.0.5
ownCloud	=4.0.6
ownCloud	=4.0.7
ownCloud	=4.0.8
ownCloud	=4.0.9
ownCloud	=4.0.10
ownCloud	=4.0.11
ownCloud	=4.0.12
ownCloud	=4.0.13
ownCloud	=4.5.1
ownCloud	=4.5.2
ownCloud	=4.5.3
ownCloud	=4.5.4
ownCloud	=4.5.5
ownCloud	=4.5.6
ownCloud	=4.5.7
ownCloud	=4.5.8
ownCloud	=4.5.9
ownCloud	=4.5.10
ownCloud	=5.0.0
ownCloud	=5.0.1
ownCloud	=5.0.2
ownCloud	=5.0.3
ownCloud	=5.0.4
ownCloud	=5.0.5

Remedy

http://owncloud.org/about/security/advisories/oC-SA-2013-021/

Never miss a vulnerability like this again

Reference Links

http://owncloud.org/about/security/advisories/oC-SA-2013-021/

Frequently Asked Questions

What is the severity of CVE-2013-2042?
CVE-2013-2042 is rated as medium severity, indicating potential impact on user data and security.
How do I fix CVE-2013-2042?
To mitigate CVE-2013-2042, upgrade to ownCloud versions 4.0.15, 4.5.11, or 5.0.6 or later.
What are the consequences of exploiting CVE-2013-2042?
Exploitation of CVE-2013-2042 can allow an attacker to inject arbitrary web scripts or HTML, potentially leading to data theft or account compromise.
Which versions of ownCloud are affected by CVE-2013-2042?
CVE-2013-2042 affects ownCloud versions prior to 4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6.
Who can exploit CVE-2013-2042?
CVE-2013-2042 can be exploited by remote authenticated users, as it allows them to manipulate the url parameter.

agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/remedy
agent/severity
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/owncloud
canonical/owncloud
version/owncloud/4.0.14
version/owncloud/4.0.0
version/owncloud/4.0.1
version/owncloud/4.0.2
version/owncloud/4.0.3
version/owncloud/4.0.4
version/owncloud/4.0.5
version/owncloud/4.0.6
version/owncloud/4.0.7
version/owncloud/4.0.8
version/owncloud/4.0.9
version/owncloud/4.0.10
version/owncloud/4.0.11
version/owncloud/4.0.12
version/owncloud/4.0.13
version/owncloud/4.5.1
version/owncloud/4.5.2
version/owncloud/4.5.3
version/owncloud/4.5.4
version/owncloud/4.5.5
version/owncloud/4.5.6
version/owncloud/4.5.7
version/owncloud/4.5.8
version/owncloud/4.5.9
version/owncloud/4.5.10
version/owncloud/5.0.0
version/owncloud/5.0.1
version/owncloud/5.0.2
version/owncloud/5.0.3
version/owncloud/5.0.4
version/owncloud/5.0.5