Description

ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.

Remediation

References

CVE-2017-8896

Related Vulnerabilities

TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-31046)

Oracle Database Server CVE-2006-1870 Vulnerability (CVE-2006-1870)

Apache HTTP Server Other Vulnerability (CVE-2007-1862)

OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2022-1434)

TYPO3 Improper Input Validation Vulnerability (CVE-2010-5099)

Severity

Medium

Classification

CVE-2017-8896 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities