Multiple security issues were found in owncloud. XSS in Error Page (oC-SA-2017-004) - CVE-2017-8896 A Attacker can inject HTML script code into a error message https://owncloud.org/security/advisory/?id=oc-sa-2017-004 XSS in search dialogue (oC-SA-2017-007) - CVE-2017-9338 Inadequate escaping lead to XSS vulnerability in the search module. To be exploitable an user has to write or paste malicious content into the search dialogue. https://owncloud.org/security/advisory/?id=oc-sa-2017-007
Created owncloud tracking bugs for this issue: Affects: epel-all [bug 1472721] Affects: fedora-all [bug 1472720]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.