Two flaws were reported as fixed in ownCloud 4.5.10:
* XSS vulnerability in MediaElement.js (oC-SA-2013-017) 
* Privilege escalation in the contacts application (oC-SA-2013-018)
The XSS issue () has been assigned CVE-2013-1967 . The second issue has not yet been assigned a CVE.
Created owncloud tracking bugs for this issue
Affects: fedora-18 [bug 955308]
Affects: epel-6 [bug 955309]
In fact, issue  was assigned CVE-2013-1963 here:
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.