CVE-2013-1822 in ownCloudinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.8 allow remote authenticated users with administrator privileges to inject arbitrary web script or HTML via the (1) quota parameter to /core/settings/ajax/setquota.php, or remote authenticated users with group admin privileges to inject arbitrary web script or HTML via the (2) group field to settings.php or (3) "share with" field.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

02/19/2013

Disclosure

03/14/2014

Moderation

VulDB entry created

Entries

VDB-66647 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

3.5

EPSS

0.00185

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2013-1822
NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-1822
CVE Details	https://www.cvedetails.com/cve/CVE-2013-1822/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!