583682 – <www-apps/owncloud-{7.0.15,8.0.13,8.1.8,8.2.5}: reflective XSS vulnerability

Bug 583682 - <www-apps/owncloud-{7.0.15,8.0.13,8.1.8,8.2.5}: reflective XSS vulnerability

Summary: <www-apps/owncloud-{7.0.15,8.0.13,8.1.8,8.2.5}: reflective XSS vulnerability

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal trivial (vote)
Assignee:	Gentoo Security

URL:	https://owncloud.org/blog/mediaelemen...
Whiteboard:	~4 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2016-05-21 16:24 UTC by Kristian Fiskerstrand (RETIRED)
Modified:	2016-05-23 20:23 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kristian Fiskerstrand (RETIRED) gentoo-dev

2016-05-21 16:24:35 UTC

Version 8.2.5 May 13 2016
    webdav / files broken after upgrade to 8.2.4 #24487
    Addressed XSS issues in the files_videoviewer app

Version 8.1.8 May 13 2016
    Addressed XSS issues in the files_videoviewer app

Version 8.0.13 May 13 2016
    Addressed XSS issues in the files_videoviewer app

Version 7.0.15 May 13 2016
    Addressed XSS issues in the files_videoviewer app

Comment 1 Bernard Cafarelli gentoo-dev

2016-05-23 18:14:32 UTC

New versions in tree, vulnerable ones removed from tree. Thanks to my "stable" owncloud user ;)

Comment 2 Kristian Fiskerstrand (RETIRED) gentoo-dev

2016-05-23 20:23:08 UTC

(In reply to Bernard Cafarelli from comment #1)
> New versions in tree, vulnerable ones removed from tree. Thanks to my
> "stable" owncloud user ;)

Thanks :)