CVE-2017-8896

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-8896

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-8896.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-8896

Published

2017-07-17T21:29:00.573Z

Modified

2026-04-10T04:01:20.106122Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.

References

Affected packages

Git / github.com/owncloud/core

Affected ranges

Type

GIT

Repo

https://github.com/owncloud/core

Events

Introduced

Last affected

f0767be7e2b1ea5b9e559cb6694fb99500095d39

Introduced

81f694d83e8246d9b6482b773c8bdca675c51828

Last affected

ba1f199865f83f17f35913ccc28611149e3cec84

Introduced

Last affected

9c4b618a17b0f4f06ec0f92f0eff693cf4e7306a

Introduced

ce40499f02717afa0af25bf2f67629a3159a29d3

Fixed

1b8359fca33d002f10e00b6225100071d486e4b6

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.2.11"
        },
        {
            "introduced": "9.0.0"
        },
        {
            "last_affected": "9.0.9"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.1.5"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "fixed": "10.0.2"
        }
    ]
}

Affected versions

v1.*

v1.0.0beta1

v10.*

v10.0.0

v10.0.1

v10.0.1RC1

v10.0.1RC2

v10.0.1RC3

v10.0.1RC4

v10.0.1RC5

v10.0.2RC1

v3.*

v3.0

v4.*

v4.0.0

v4.0.0RC

v4.0.0RC2

v4.0.0beta

v4.0.1

v4.0.4

v4.0.5

v4.0.6

v4.5.0

v4.5.0RC1

v4.5.0RC2

v4.5.0RC3

v4.5.0beta3

v4.5.0beta4

v5.*

v5.0.0

v5.0.0RC1

v5.0.0RC2

v5.0.0RC3

v5.0.0alpha1

v5.0.0beta1

v5.0.0beta2

v6.*

v6.0.0RC1

v6.0.0RC2

v6.0.0alpha2

v6.0.0beta2

v6.0.0beta3

v6.0.0beta4

v6.0.0beta5

v7.*

v7.0.0alpha2

v7.0.0beta1

v8.*

v8.0.0

v8.0.0RC1

v8.0.0RC2

v8.0.0alpha1

v8.0.0alpha2

v8.0.0beta1

v8.0.0beta2

v8.1.0alpha1

v8.1.0alpha2

v8.1.0beta1

v8.1.0beta2

v8.1RC2

v8.2.0

v8.2.1

v8.2.10

v8.2.10RC1

v8.2.10RC2

v8.2.11

v8.2.11RC1

v8.2.1RC1

v8.2.1RC2

v8.2.1RC3

v8.2.1RC4

v8.2.2

v8.2.2RC1

v8.2.3

v8.2.3RC1

v8.2.3RC2

v8.2.4

v8.2.4RC1

v8.2.4RC2

v8.2.5RC1

v8.2.5RC2

v8.2.6

v8.2.6RC1

v8.2.7

v8.2.7RC1

v8.2.8

v8.2.8RC1

v8.2.8RC2

v8.2.9

v8.2.9RC1

v8.2.9RC2

v8.2RC1

v8.2RC2

v8.2RC3

v8.2beta1

v9.*

v9.0.0

v9.0.0beta2

v9.0.1

v9.0.1RC1

v9.0.1RC2

v9.0.1beta

v9.0.1beta2

v9.0.2

v9.0.2RC1

v9.0.2RC2

v9.0.3

v9.0.3RC1

v9.0.4

v9.0.4RC1

v9.0.5

v9.0.5RC1

v9.0.5RC2

v9.0.6

v9.0.6RC1

v9.0.6RC2

v9.0.7

v9.0.7RC1

v9.0.8

v9.0.8RC1

v9.0.8RC2

v9.0.9

v9.0.9RC1

v9.0beta1

v9.1.0

v9.1.0RC1

v9.1.0RC2

v9.1.0RC3

v9.1.0RC4

v9.1.0beta1

v9.1.0beta2

v9.1.1

v9.1.1RC1

v9.1.1RC2

v9.1.1RC3

v9.1.2

v9.1.2RC1

v9.1.2RC2

v9.1.3

v9.1.3RC1

v9.1.4

v9.1.4RC1

v9.1.4RC2

v9.1.5

v9.1.5RC1

v9.1.5RC2

vv9.*

vv9.1.4RC1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-8896.json"