Owncloud: >> Owncloud >> 8.1.12 Security Vulnerabilities
ownCloud server before 8.2.6 and 9.x before 9.0.3, when the gallery app is enabled, allows remote attackers to download arbitrary images via a direct request.
CVSS Score
5.9
EPSS Score
0.003
Published
2017-01-23
Cross-site scripting (XSS) vulnerability in share.js in the gallery application in ownCloud Server before 9.0.4 and Nextcloud Server before 9.0.52 allows remote authenticated users to inject arbitrary web script or HTML via a crafted directory name.
CVSS Score
5.4
EPSS Score
0.002
Published
2016-09-17
Page 3