Vulnerabilities > Owncloud > Owncloud Server > 4.5.5

DATE CVE VULNERABILITY TITLE RISK
2019-12-17 CVE-2013-0202 Cross-site Scripting vulnerability in Owncloud Server
Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to core/ajax/sharing.php.
network
low complexity
owncloud CWE-79
6.1
2019-11-22 CVE-2013-0203 Cross-site Scripting vulnerability in Owncloud
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) unspecified parameters to apps/calendar/ajax/event/new.php or (2) url parameter to apps/bookmarks/ajax/addBookmark.php.
network
low complexity
owncloud CWE-79
5.4