Multiple XSS vulnerabilities (oC-SA-2013-021)


AFFECTED SOFTWARE

  • ownCloud Server < 5.0.6 (CVE-2013-2040, CVE-2013-2041, CVE-2013-2042)
  • ownCloud Server < 4.5.11 (CVE-2013-2040, CVE-2013-2042)
  • ownCloud Server < 4.0.15 (CVE-2013-2040, CVE-2013-2042)

RISK

  • Medium

COMMITS

CVE-2013-2040

CVE-2013-2041

CVE-2013-2042

DESCRIPTION

Cross-site scripting (XSS) vulnerabilities in multiple files inside the media application via multiple unspecified vectors in all ownCloud versions prior to 5.0.6 and other versions before 4.0.15 allows authenticated remote attackers to inject arbitrary web script or HTML. (CVE-2013-2040)

Cross-site scripting (XSS) vulnerabilities in (1) apps/bookmarks/ajax/editBookmark.php via the “tag” GET parameter (CVE-2013-2041) and in (2) apps/files/js/files.js via the “dir” GET parameter to apps/files/ajax/newfile.php (CVE-2013-2041) in ownCloud 5.0.x before 5.0.6 allows authenticated remote attackers to inject arbitrary web script or HTML.

Cross-site scripting (XSS) vulnerabilities in (1) apps/bookmarks/ajax/addBookmark.php via the “url” GET parameter and in (2) apps/bookmarks/ajax/editBookmark.php via the “url” POST parameter in ownCloud 5.0.x before 5.0.6 allows authenticated remote attackers to inject arbitrary web script or HTML. (CVE-2013-2042)

Credits

The ownCloud Team would like to thank Mateusz Goik (aliantsoft.pl / CVE-2013-2040 / CVE-2013-2041) and Kacper R. (http://devilteam.pl / CVE-2013-2042) for discovering this vulnerabilities.

RESOLUTION

Update to ownCloud Server 5.0.6, 4.5.11 or 4.0.15
http://download.owncloud.org/community/owncloud-5.0.6.tar.bz2
http://download.owncloud.org/community/owncloud-4.5.11.tar.bz2
http://download.owncloud.org/community/owncloud-4.0.15.tar.bz2