mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-11 12:56:54 +00:00
1.0 KiB
1.0 KiB
CVE-2016-9466
%20(CWE-79)&color=brighgreen)
Description
Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. The gallery app was not properly sanitizing exception messages from the Nextcloud/ownCloud server. Due to an endpoint where an attacker could influence the error message, this led to a reflected Cross-Site-Scripting vulnerability.
POC
Reference
Github
No PoCs found on GitHub currently.