First published: Wed Jun 04 2014(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Gallery and (2) core components in ownCloud Server before 5.016 and 6.0.x before 6.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the print_unescaped function.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ownCloud ownCloud | <=5.0.15 | |
ownCloud ownCloud | =5.0.0 | |
ownCloud ownCloud | =5.0.1 | |
ownCloud ownCloud | =5.0.2 | |
ownCloud ownCloud | =5.0.3 | |
ownCloud ownCloud | =5.0.4 | |
ownCloud ownCloud | =5.0.5 | |
ownCloud ownCloud | =5.0.6 | |
ownCloud ownCloud | =5.0.7 | |
ownCloud ownCloud | =5.0.8 | |
ownCloud ownCloud | =5.0.9 | |
ownCloud ownCloud | =5.0.10 | |
ownCloud ownCloud | =5.0.11 | |
ownCloud ownCloud | =5.0.12 | |
ownCloud ownCloud | =5.0.13 | |
ownCloud ownCloud | =5.0.14 | |
ownCloud ownCloud | =5.0.14-a | |
ownCloud ownCloud | =6.0.0 | |
ownCloud ownCloud | =6.0.1 | |
ownCloud ownCloud | =6.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.