Description

ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.

Remediation

References

CVE-2017-8896

Related Vulnerabilities

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-1849)

WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.17)

WordPress Plugin Advanced Woo Search Cross-Site Scripting (2.77)

Family Connections Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-4338)

WordPress Plugin Browser Blocker Cross-Site Scripting (0.5.6)

Severity

Medium

Classification

CVE-2017-8896 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities