Red Hat Bugzilla – Bug 1472718
CVE-2017-8896 CVE-2017-9338 owncloud: Multiple security issues
Last modified: 2017-07-23 04:19:01 EDT
Multiple security issues were found in owncloud. XSS in Error Page (oC-SA-2017-004) - CVE-2017-8896 A Attacker can inject HTML script code into a error message https://owncloud.org/security/advisory/?id=oc-sa-2017-004 XSS in search dialogue (oC-SA-2017-007) - CVE-2017-9338 Inadequate escaping lead to XSS vulnerability in the search module. To be exploitable an user has to write or paste malicious content into the search dialogue. https://owncloud.org/security/advisory/?id=oc-sa-2017-007
Created owncloud tracking bugs for this issue: Affects: epel-all [bug 1472721] Affects: fedora-all [bug 1472720]