Candidate: CVE-2013-2040
PublicDate: 2014-03-14 16:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2040
 http://owncloud.org/about/security/advisories/oC-SA-2013-021/
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before
 4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6 allow remote
 authenticated users to inject arbitrary web script or HTML via unspecified
 vectors.
Ubuntu-Description:
Notes:
 mdeslaur> owncloud packages in Ubuntu are now empty
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_owncloud:
upstream_owncloud: released (5.0.6)
lucid_owncloud: DNE
precise_owncloud: not-affected
quantal_owncloud: ignored (reached end-of-life)
raring_owncloud: ignored (reached end-of-life)
saucy_owncloud: not-affected (5.0.10+dfsg-1ubuntu1)
trusty_owncloud: not-affected (6.0.1+dfsg-1ubuntu1)
trusty/esm_owncloud: DNE (trusty was not-affected [6.0.1+dfsg-1ubuntu1])
utopic_owncloud: DNE
vivid_owncloud: DNE
wily_owncloud: DNE
devel_owncloud: DNE