CVE-2013-0202

Summary

Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php.

Affected Software

VendorProductVersion RangeStatus
ownCloudownCloud4.5.5affected
ownCloudownCloud4.0.10affected
ownCloudownCloudand earlieraffected

Weaknesses

  • Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References