Nextcloud: Accessing to from original ip adreess | insecure Download

ID H1:374053
Type hackerone
Reporter hamad_iheb
Modified 2018-07-12T09:31:02


Hi team ,


I found that when I can access from original ip to the web site ,.This disable Https secure connection.


First I make DNS Lookup to find the ip adress has address {F313820} Now When I open The website from I see it's over ssl so Can download securily . {F313821} But when I Enter I also access the site so It's not secure to download . {F313822} Also this disable many protection when downloading .


The user download your app over insecure connection.