VDB-147272 · CVE-2013-0202 · OSVDB 89510

ownCloud up to 4.0.10/4.5.5 core/ajax/sharing.php action cross site scripting

A vulnerability was found in ownCloud up to 4.0.10/4.5.5 (Cloud Software) and classified as problematic. Affected by this issue is some unknown processing of the file core/ajax/sharing.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field12/18/2019 07:27 AM12/18/2019 07:32 AM
nameownCloudownCloud
version<=4.0.10/4.5.5<=4.0.10/4.5.5
filecore/ajax/sharing.phpcore/ajax/sharing.php
argumentactionaction
input_typeParameterParameter
discoverydate13588128001358812800
risk11
cvss2_vuldb_basescore4.34.3
cvss2_vuldb_tempscore4.34.3
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss3_meta_basescore5.75.7
cvss3_meta_tempscore5.75.7
cvss3_vuldb_basescore5.35.3
cvss3_vuldb_tempscore5.35.3
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
date1576540800 (12/17/2019)1576540800 (12/17/2019)
price_0day$0-$5k$0-$5k
cveCVE-2013-0202CVE-2013-0202
osvdb8951089510
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
0day_days25202520
cvss3_nvd_basescore6.16.1
typeCloud Software
cwe079 (cross site scripting)
cvss2_nvd_avN
cvss2_nvd_acM
cvss2_nvd_auN
cvss2_nvd_ciN
cvss2_nvd_iiP
cvss2_nvd_aiN
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiR
cvss3_nvd_sC
cvss3_nvd_cL
cvss3_nvd_iL
cvss3_nvd_aN
cve_assigned1354752000
cve_nvd_summaryCross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php.
openvas_id801070
openvas_filenamegb_owncloud_mult_xss_vuln01_apr14.nasl
openvas_titleownCloud Multiple XSS Vulnerabilities-01 Apr14
openvas_familyWeb application abuses

Do you need the next level of professionalism?

Upgrade your account now!