Detections
Analytics

CVE-2017-8896

medium

Description

ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.

References

https://hackerone.com/reports/215410

http://www.securityfocus.com/bid/99321

https://owncloud.org/security/advisory/?id=oc-sa-2017-004

Details

Source: Mitre, NVD

Published: 2017-07-17

Updated: 2025-04-20

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00379