CVE-2017-9338
- Source
- https://cve.org/CVERecord?id=CVE-2017-9338
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9338.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-9338
- Published
- 2017-07-17T21:29:00.603Z
- Modified
- 2026-03-14T09:28:08.102364Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2. To be exploitable a user has to write or paste malicious content into the search dialogue.
- References
Affected packages
Git / github.com/owncloud/core
Affected versions
v10.*
v10.0.0
v10.0.1
v10.0.1RC1
v10.0.1RC2
v10.0.1RC3
v10.0.1RC4
v10.0.1RC5
v10.0.2RC1
v9.*
v9.0.0
v9.0.1
v9.0.10RC1
v9.0.1RC1
v9.0.1RC2
v9.0.1beta
v9.0.2
v9.0.2RC1
v9.0.2RC2
v9.0.3
v9.0.3RC1
v9.0.4
v9.0.4RC1
v9.0.5
v9.0.5RC1
v9.0.5RC2
v9.0.6
v9.0.6RC1
v9.0.6RC2
v9.0.7
v9.0.7RC1
v9.0.8
v9.0.8RC1
v9.0.8RC2
v9.0.9
v9.0.9RC1
v9.1.0
v9.1.1
v9.1.1RC1
v9.1.1RC2
v9.1.1RC3
v9.1.2
v9.1.2RC1
v9.1.2RC2
v9.1.3
v9.1.3RC1
v9.1.4
v9.1.4RC1
v9.1.4RC2
v9.1.5
v9.1.5RC1
v9.1.5RC2
v9.1.6RC1
vv9.*
vv9.1.4RC1