ownCloud Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2017-8896

ownCloud Server before 8.2.12 9.0.x before 9.0.10 9.1.x before 9.1.6 and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.