CVE-2012-4397 in ownCloudinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) calendar displayname to part.choosecalendar.rowfields.php or (2) part.choosecalendar.rowfields.shared.php in apps/calendar/templates/; or (3) unspecified vectors to apps/contacts/lib/vcard.php.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

ID	Vulnerability	CWE	Exp	Cou	CVE
62044	ownCloud part.choosecalendar.rowfields.php cross site scripting	79	Not defined	Official fix	CVE-2012-4397

Reservation

08/21/2012

Disclosure

09/05/2012

Status

Confirmed

Entries

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-4397
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-4397
CVE Details	https://www.cvedetails.com/cve/CVE-2012-4397/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!