2 matches found
XSS in search dialogue - ownCloud
Inadequate escaping lead to XSS vulnerability in the search module. To be exploitable an user has to write or paste malicious content into the search dialogue. Affected Software ownCloud Server 10.0.2 CVE-2017-9338 ownCloud Server 9.1.6 CVE-2017-9338 ownCloud Server 9.0.10 CVE-2017-9338 ownCloud...
Nextcloud: DOM XSS vulnerability in search dialogue (NC-SA-2017-007)
DOM XSS vulnerability in search dialogue NC-SA-2017-007 Risk level: Low CVSS v3 Base Score: 2.6 AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N CWE: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CWE-79 Description Inadequate escaping lead to XSS vulnerability in the searc...