Description

ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.

Remediation

References

CVE-2017-8896

Related Vulnerabilities

MySQL CVE-2016-5441 Vulnerability (CVE-2016-5441)

WordPress Plugin Chat-Support Board-WordPress Chat Cross-Site Scripting (3.3.4)

Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27492)

WebLogic CVE-2020-14883 Vulnerability (CVE-2020-14883)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5106)

Severity

Medium

Classification

CVE-2017-8896 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities