Arbitrary Script Injection in ownCloud Server 6.0.x Documents Component

Arbitrary Script Injection in ownCloud Server 6.0.x Documents Component

CVE-2014-3832 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the Documents component in ownCloud Server 6.0.x before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the print_unescaped function.

Learn more about our Web App Pen Testing.