{"id":"CVE-2017-0888","details":"Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the \"files\" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.","modified":"2026-04-10T03:54:32.093949Z","published":"2017-04-05T20:59:00.367Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97491"},{"type":"ADVISORY","url":"https://hackerone.com/reports/179073"},{"type":"FIX","url":"https://nextcloud.com/security/advisory/?id=nc-sa-2017-006"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nextcloud/server","events":[{"introduced":"0"},{"last_affected":"36750094f8b1a2f3bb24ac46348a639fc6197f9c"},{"introduced":"0"},{"last_affected":"6849d7235ef1acd2293382cc170a82c55c6bb3ba"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"9.0.54"},{"introduced":"0"},{"last_affected":"10.0.2"}]}}],"versions":["v1.0.0beta1","v10.0.0","v10.0.1","v10.0.1RC1","v10.0.2","v10.0RC1","v3.0","v4.0.0","v4.0.0RC","v4.0.0RC2","v4.0.0beta","v4.0.1","v4.0.4","v4.0.5","v4.0.6","v4.5.0","v4.5.0RC1","v4.5.0RC2","v4.5.0RC3","v4.5.0beta3","v4.5.0beta4","v5.0.0","v5.0.0RC1","v5.0.0RC2","v5.0.0RC3","v5.0.0alpha1","v5.0.0beta1","v5.0.0beta2","v6.0.0RC1","v6.0.0RC2","v6.0.0alpha2","v6.0.0beta2","v6.0.0beta3","v6.0.0beta4","v6.0.0beta5","v7.0.0alpha2","v7.0.0beta1","v8.0.0","v8.0.0RC1","v8.0.0RC2","v8.0.0alpha1","v8.0.0alpha2","v8.0.0beta1","v8.0.0beta2","v8.1.0alpha1","v8.1.0alpha2","v8.1.0beta1","v8.1.0beta2","v8.1RC2","v8.2RC1","v8.2beta1","v9.0.0","v9.0.0RC1","v9.0.0RC2","v9.0.0RC3","v9.0.0beta2","v9.0.1","v9.0.1RC1","v9.0.1RC2","v9.0.1beta","v9.0.2","v9.0.2RC1","v9.0.2RC2","v9.0.50","v9.0.51","v9.0.52","v9.0.52RC1","v9.0.54","v9.0.54RC1","v9.0beta1","v9.1.0beta1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0888.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}]}