Lucene search
Manuel Mancera – Vulnerability discovery and disclosure.OWNCLOUD:3595081DFB01381409FDF6CF732D9F4DHistoryMay 31, 2017 - 11:40 a.m.
XSS in Error Page - ownCloud
2017-05-3111:40:35
Manuel Mancera – Vulnerability discovery and disclosure.
owncloud.org
489
0.001 Low
EPSS
Percentile
43.4%
A Attacker can inject HTML script code into a error message
Affected Software
- ownCloud Server < 10.0.2 (CVE-2017-8896)
- ownCloud Server < 9.1.6 (CVE-2017-8896)
- ownCloud Server < 9.0.10 (CVE-2017-8896)
- ownCloud Server < 8.2.12 (CVE-2017-8896)
Action Taken
Escape output
Acknowledgements
The ownCloud team thanks the following people for their research and responsible disclosure of the above advisory:
- Manuel Mancera - Vulnerability discovery and disclosure.
| CPE | Name | Operator | Version |
|---|---|---|---|
| owncloud server | lt | 10.0.2 |
Related
owncloud
owncloud
XSS in Error Page - ownCloud security advisory
2017-05-31 00:00:00
XSS in Error Page - ownCloud
2017-05-31 11:36:30
Server: XSS in Error Page
2017-05-31 10:39:57
cve
cve
CVE-2017-8896
2017-07-17 21:29:00
prion
prion
Design/Logic Flaw
2017-07-17 21:29:00
cvelist
cvelist
CVE-2017-8896
2017-07-17 21:00:00
ubuntucve
ubuntucve
CVE-2017-8896
2017-07-17 00:00:00
osv
osv
CVE-2017-8896
2017-07-17 21:29:00
nvd
nvd
CVE-2017-8896
2017-07-17 21:29:00
openvas
openvas
ownCloud Multiple XSS Vulnerabilities
2017-07-19 00:00:00