Description

ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.

Remediation

References

CVE-2017-8896

Related Vulnerabilities

WordPress Plugin Easy2Map Photos Multiple Vulnerabilities (1.0.9)

phpMyAdmin Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-6300)

Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4)

WordPress Plugin WP Symposium Pro Social Network Multiple Vulnerabilities (15.12)

Oracle JRE CVE-2014-0448 Vulnerability (CVE-2014-0448)

Severity

Medium

Classification

CVE-2017-8896 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities