Cross-site scripting (XSS) vulnerability in the activity application in ownCloud Server prior to 7.0.5 and 8.0.x prior to 8.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a " (double quote) character in a filename in a shared folder.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
owncloud owncloud |
||
owncloud owncloud 8.0.0 |
||
owncloud owncloud 8.0.2 |
||
owncloud owncloud 8.0.3 |