Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2012-5056

Опубликовано: 04 июн. 2014
Источник: debian
EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) readyCallback parameter to apps/files_odfviewer/src/webodf/webodf/flashput/PUT.swf, the (2) root parameter to apps/gallery/templates/index.php, or a (3) malformed query to lib/db.php.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
owncloudfixed4.0.8debian-1package

EPSS

Процентиль: 49%
0.00263
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2012-5056

ubuntu
больше 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) readyCallback parameter to apps/files_odfviewer/src/webodf/webodf/flashput/PUT.swf, the (2) root parameter to apps/gallery/templates/index.php, or a (3) malformed query to lib/db.php.

nvd логотип

CVE-2012-5056

nvd
больше 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) readyCallback parameter to apps/files_odfviewer/src/webodf/webodf/flashput/PUT.swf, the (2) root parameter to apps/gallery/templates/index.php, or a (3) malformed query to lib/db.php.

github логотип

GHSA-vxvf-73q9-v894

github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) readyCallback parameter to apps/files_odfviewer/src/webodf/webodf/flashput/PUT.swf, the (2) root parameter to apps/gallery/templates/index.php, or a (3) malformed query to lib/db.php.

EPSS

Процентиль: 49%
0.00263
Низкий