cbcvebase.
CVE-2013-2149
published 2014-03-14

CVE-2013-2149: Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.16 and 5.x before 5.0.7 allow remote authenticated users to inject arbitrary web…

PriorityP413low3.5CVSS 2.0
AVNACMAuSCNIPAN
EPSS
1.15%
63.0th percentile
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.16 and 5.x before 5.0.7 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to shared files.

Affected

2 ranges
VendorProductVersion rangeFixed in
owncloudowncloud< 4.0.164.0.16
owncloudowncloud_server>= 5.0.0 < 5.0.75.0.7
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.