Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-2041

Опубликовано: 14 мар. 2014
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 3.5

Описание

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tag parameter to apps/bookmarks/ajax/addBookmark.php or (2) dir parameter to apps/files/ajax/newfile.php, which is passed to apps/files/js/files.js.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [6.0.1+dfsg-1ubuntu1]]
lucid

DNE

precise

not-affected

quantal

ignored

end of life
raring

ignored

end of life
saucy

not-affected

5.0.10+dfsg-1ubuntu1
trusty

not-affected

6.0.1+dfsg-1ubuntu1
trusty/esm

DNE

trusty was not-affected [6.0.1+dfsg-1ubuntu1]
upstream

released

5.0.6

Показывать по

Ссылки на источники

EPSS

Процентиль: 40%
0.00185
Низкий

3.5 Low

CVSS2

Связанные уязвимости

nvd логотип

CVE-2013-2041

nvd
почти 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tag parameter to apps/bookmarks/ajax/addBookmark.php or (2) dir parameter to apps/files/ajax/newfile.php, which is passed to apps/files/js/files.js.

debian логотип

CVE-2013-2041

debian
почти 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 5.0.x ...

github логотип

GHSA-c7mv-h456-cq8v

github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tag parameter to apps/bookmarks/ajax/addBookmark.php or (2) dir parameter to apps/files/ajax/newfile.php, which is passed to apps/files/js/files.js.

EPSS

Процентиль: 40%
0.00185
Низкий

3.5 Low

CVSS2