Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9338 | 1 Owncloud | 1 Owncloud Server | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2. To be exploitable a user has to write or paste malicious content into the search dialogue. | |||||
| CVE-2017-9340 | 1 Owncloud | 1 Owncloud Server | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| An attacker is logged in as a normal user and can somehow make admin to delete shared folders in ownCloud Server before 10.0.2. | |||||
| CVE-2017-9339 | 1 Owncloud | 1 Owncloud Server | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token. | |||||