CVE-2017-8896

CVE-2017-8896

EPSS 1.2%

ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://hackerone.com/reports/215410 https://owncloud.org/security/advisory/?id=oc-sa-2017-004 http://www.securityfocus.com/bid/99321