Cross-site scripting (XSS) vulnerability in the import functionality in the bookmarks application in ownCloud prior to 5.0.18, 6.x prior to 6.0.6, and 7.x prior to 7.0.3 allows remote authenticated users to inject arbitrary web script or HTML by importing a link with an unspecified protocol. NOTE: this can be leveraged by remote attackers using CVE-2014-9041.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
owncloud owncloud 5.0.0 |
||
owncloud owncloud 5.0.5 |
||
owncloud owncloud 5.0.6 |
||
owncloud owncloud 5.0.7 |
||
owncloud owncloud 5.0.8 |
||
owncloud owncloud 5.0.14 |
||
owncloud owncloud 5.0.15 |
||
owncloud owncloud 5.0.16 |
||
owncloud owncloud 6.0.3 |
||
owncloud owncloud 6.0.4 |
||
owncloud owncloud 6.0.5 |
||
owncloud owncloud 7.0.0 |
||
owncloud owncloud 5.0.1 |
||
owncloud owncloud 5.0.11 |
||
owncloud owncloud 5.0.13 |
||
owncloud owncloud |
||
owncloud owncloud 5.0.3 |
||
owncloud owncloud 6.0.0 |
||
owncloud owncloud 6.0.2 |
||
owncloud owncloud 7.0.1 |
||
owncloud owncloud 5.0.10 |
||
owncloud owncloud 5.0.12 |
||
owncloud owncloud 5.0.2 |
||
owncloud owncloud 5.0.4 |
||
owncloud owncloud 5.0.9 |
||
owncloud owncloud 6.0.1 |
||
owncloud owncloud 7.0.2 |
Vulmon