{"id":"CVE-2017-5866","details":"The autocomplete feature in the E-Mail share dialog in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to obtain sensitive information via unspecified vectors.","modified":"2026-04-10T04:02:36.363048Z","published":"2017-03-03T15:59:01.337Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/96426"},{"type":"FIX","url":"https://owncloud.org/security/advisory/?id=oc-sa-2017-002"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/owncloud/core","events":[{"introduced":"0"},{"last_affected":"aa914163423247fc38885a7d466325db28edb73f"},{"introduced":"0"},{"last_affected":"8ee2009de36e01a9866404f07722892f84c16e3e"},{"introduced":"0"},{"last_affected":"8f71705c2ec73d396ff8178f088661c3a20988b0"},{"introduced":"0"},{"last_affected":"d60d903e75296950a52a0e25c7cd31f5b55ab68f"},{"introduced":"0"},{"last_affected":"fc18c0506afc85ccfda96c0a17e0616634952701"},{"introduced":"0"},{"last_affected":"f5c39b70d839c1b4ec6bbdfb395a538e24bfe183"},{"introduced":"0"},{"last_affected":"5bb7743f8789a01902c64ded1fde0e5d9d664844"},{"introduced":"0"},{"last_affected":"1b66cbece1d1cb21cb4be58c017e55040af1339f"},{"introduced":"0"},{"last_affected":"3eaa45ddcc61686aa0a4a742c1a00f6ed855697d"},{"introduced":"0"},{"last_affected":"a19a1b3c4997d1b972e029bf0543893763855add"},{"introduced":"0"},{"last_affected":"81f694d83e8246d9b6482b773c8bdca675c51828"},{"introduced":"0"},{"last_affected":"54fc92c37233d248de8da842352c43dffdfc5f8d"},{"introduced":"0"},{"last_affected":"e13d02de2d5d260720b63f3f9ffe87b5aa0dd6c4"},{"introduced":"0"},{"last_affected":"735411d1661f9b62efa4601254ef985a1e90ee76"},{"introduced":"0"},{"last_affected":"6f4931a085bcd26346bdfdf7c5a6f832df78d473"},{"introduced":"0"},{"last_affected":"c8a8cec0080b1ab79db66ce9f26b52bf3c3d576d"},{"introduced":"0"},{"last_affected":"eac87d3dd56303575746cfae6382d609bd51ff6e"},{"introduced":"0"},{"last_affected":"b642b26f7229c99b33e49cde86b38fdc6e8e5f21"},{"introduced":"0"},{"last_affected":"5cc7dd8922747b1626213640461818991360edb1"},{"introduced":"0"},{"last_affected":"d47c589b0429eafa5add3a9ffc1c89f8ecccf9cc"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"8.1.10"},{"introduced":"0"},{"last_affected":"8.2.0"},{"introduced":"0"},{"last_affected":"8.2.1"},{"introduced":"0"},{"last_affected":"8.2.2"},{"introduced":"0"},{"last_affected":"8.2.3"},{"introduced":"0"},{"last_affected":"8.2.4"},{"introduced":"0"},{"last_affected":"8.2.5"},{"introduced":"0"},{"last_affected":"8.2.6"},{"introduced":"0"},{"last_affected":"8.2.7"},{"introduced":"0"},{"last_affected":"8.2.8"},{"introduced":"0"},{"last_affected":"9.0.0"},{"introduced":"0"},{"last_affected":"9.0.1"},{"introduced":"0"},{"last_affected":"9.0.2"},{"introduced":"0"},{"last_affected":"9.0.3"},{"introduced":"0"},{"last_affected":"9.0.4"},{"introduced":"0"},{"last_affected":"9.0.5"},{"introduced":"0"},{"last_affected":"9.0.6"},{"introduced":"0"},{"last_affected":"9.1.0"},{"introduced":"0"},{"last_affected":"9.1.1"},{"introduced":"0"},{"last_affected":"9.1.2"}]}}],"versions":["v1.0.0beta1","v3.0","v4.0.0","v4.0.0RC","v4.0.0RC2","v4.0.0beta","v4.0.1","v4.0.4","v4.0.5","v4.0.6","v4.5.0","v4.5.0RC1","v4.5.0RC2","v4.5.0RC3","v4.5.0beta3","v4.5.0beta4","v5.0.0","v5.0.0RC1","v5.0.0RC2","v5.0.0RC3","v5.0.0alpha1","v5.0.0beta1","v5.0.0beta2","v6.0.0RC1","v6.0.0RC2","v6.0.0alpha2","v6.0.0beta2","v6.0.0beta3","v6.0.0beta4","v6.0.0beta5","v7.0.0alpha2","v7.0.0beta1","v8.0.0","v8.0.0RC1","v8.0.0RC2","v8.0.0alpha1","v8.0.0alpha2","v8.0.0beta1","v8.0.0beta2","v8.1.0","v8.1.0alpha1","v8.1.0alpha2","v8.1.0beta1","v8.1.0beta2","v8.1.1","v8.1.10","v8.1.10RC1","v8.1.1RC1","v8.1.1beta","v8.1.1beta1","v8.1.2","v8.1.2RC1","v8.1.3","v8.1.4","v8.1.4RC1","v8.1.4RC2","v8.1.5","v8.1.5RC1","v8.1.6","v8.1.6RC1","v8.1.6RC2","v8.1.7","v8.1.7RC1","v8.1.7RC2","v8.1.8RC1","v8.1.8RC2","v8.1.9","v8.1.9RC1","v8.1.9RC2","v8.1RC2","v8.2.0","v8.2.1","v8.2.1RC1","v8.2.1RC2","v8.2.1RC3","v8.2.1RC4","v8.2.2","v8.2.2RC1","v8.2.3","v8.2.3RC1","v8.2.3RC2","v8.2.4","v8.2.4RC1","v8.2.4RC2","v8.2.5","v8.2.5RC1","v8.2.5RC2","v8.2.6","v8.2.6RC1","v8.2.7","v8.2.7RC1","v8.2.8","v8.2.8RC1","v8.2.8RC2","v8.2RC1","v8.2RC2","v8.2RC3","v8.2beta1","v9.0.0","v9.0.0RC1","v9.0.0RC2","v9.0.0RC3","v9.0.0beta2","v9.0.1","v9.0.1RC1","v9.0.1RC2","v9.0.1beta","v9.0.1beta2","v9.0.2","v9.0.2RC1","v9.0.2RC2","v9.0.3","v9.0.3RC1","v9.0.4","v9.0.4RC1","v9.0.5","v9.0.5RC1","v9.0.5RC2","v9.0.6","v9.0.6RC1","v9.0.6RC2","v9.0beta1","v9.1.0","v9.1.0RC1","v9.1.0RC2","v9.1.0RC3","v9.1.0RC4","v9.1.0beta1","v9.1.0beta2","v9.1.1","v9.1.1RC1","v9.1.1RC2","v9.1.1RC3","v9.1.2","v9.1.2RC1","v9.1.2RC2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5866.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}]}