Security Advisory

Back to advisories

XSS in "Share Interface" (oC-SA-2013-029)

9th July 2013

Risk level: Medium


Multiple stored and reflected XSS have been adressed.

Affected Software

  • ownCloud Server < 5.0.8 ()

Action Taken


The ownCloud team thanks the following people for their research and responsible disclosure of the above advisory:

  • Lukas Reschke - ownCloud Inc. ( - Vulnerability discovery and disclosure.