ownCloud Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2014-3833 - Vulnerability Database

ownCloud

ownCloud Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2014-3833

Medium

Reference: CVE-2014-3833

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-3833

Title: ownCloud Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

Multiple cross-site scripting (XSS) vulnerabilities in the (1) Gallery and (2) core components in ownCloud Server before 5.016 and 6.0.x before 6.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors possibly related to the print_unescaped function.