CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2012-5608
https://notcve.org/view.php?id=CVE-2012-5608
Cross-site scripting (XSS) vulnerability in apps/user_webdavauth/settings.php in ownCloud 4.5.x before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via arbitrary POST parameters. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en apps/user_webdavauth/settings.php en ownCloud v4.5.x antes de v4.5.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de parámetros POST arbitrarios. • http://owncloud.org/changelog http://owncloud.org/security/advisories/oc-sa-2012-003 http://secunia.com/advisories/51357 http://www.openwall.com/lists/oss-security/2012/11/30/3 https://github.com/owncloud/core/commit/054c168 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •