ownCloud CVE-2013-0307 Cross Site Scripting Vulnerability
BID:58485
Info
ownCloud CVE-2013-0307 Cross Site Scripting Vulnerability
| Bugtraq ID: | 58485 |
| Class: | Input Validation Error |
| CVE: |
CVE-2013-0307 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 17 2013 12:00AM |
| Updated: | Feb 17 2013 12:00AM |
| Credit: | Sabari Selvan |
| Vulnerable: |
ownCloud ownCloud 4.5.2 ownCloud ownCloud 4.5 ownCloud ownCloud 4.0.9 ownCloud ownCloud 4.0.7 ownCloud ownCloud 4.0.6 ownCloud ownCloud 4.0.5 ownCloud ownCloud 4.0.4 ownCloud ownCloud 4.5.6 ownCloud ownCloud 4.5.5 ownCloud ownCloud 4.0.3 ownCloud ownCloud 4.0.2 ownCloud ownCloud 4.0.11 ownCloud ownCloud 4.0.10 ownCloud ownCloud 4.0.1 |
| Not Vulnerable: |
ownCloud ownCloud 4.5.7 ownCloud ownCloud 4.0.12 |
Exploit / POC
ownCloud CVE-2013-0307 Cross Site Scripting Vulnerability
An attacker must trick an unsuspecting victim into following a malicious URI to exploit the cross-site scripting issue.
An attacker must trick an unsuspecting victim into following a malicious URI to exploit the cross-site scripting issue.
References
ownCloud CVE-2013-0307 Cross Site Scripting Vulnerability
References:
References:
- ownCloud Homepage (ownCloud)
- Multiple XSS vulnerabilities (oC-SA-2013-003) (ownCloud)