CVE-2012-2398

Priority
Medium
Description
Cross-site scripting (XSS) vulnerability in files/ajax/download.php in
ownCloud before 3.0.3 allows remote attackers to inject arbitrary web
script or HTML via the files parameter, a different vulnerability than
CVE-2012-2269.4.
References
Bugs
Notes
 mdeslaur> owncloud packages in Ubuntu are now empty
Package
Upstream:released (3.0.3)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (4.0.7debian-1ubuntu1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2017-12-14 19:57:33 UTC (commit 13907)