CVE-2014-3832

Owncloud Server - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the Documents component in ownCloud Server 6.0.x before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the print_unescaped function.

References (1)

[Vendor Advisory] http://owncloud.org/about/security/advisories/oc-sa-2014-010

Scores

EPSS 0.0026

EPSS Percentile 49.5%

Details

CWE

CWE-79

Status published

Products (4)

owncloud/owncloud_server

n/a/n/a

Published Jun 04, 2014

Tracked Since Feb 18, 2026