CVE-2020-8180

2020-06-0813:08:19

CWE-94

hackerone

www.cve.org

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.1%

JSON

A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by an administrator.

CNA Affected

[
  {
    "product": "Nextcloud Talk",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Fixed in >= 8.0.8"
      }
    ]
  }
]