Lucene search
Luis TeixeiraNC-SA-2021-002HistoryNov 18, 2020 - 12:00 a.m.
Stored XSS in markdown file with Nextcloud Talk using Internet Explorer (NC-SA-2021-002)
2020-11-1800:00:00
Luis Teixeira
nextcloud.com
21
0.001 Low
EPSS
Percentile
21.8%
A missing link validation in Nextcloud Server 20.0.1 allowed to execute a stored XSS attack on Internet Explorer users by saving a javascript url in a Markdown.
| CPE | Name | Operator | Version |
|---|---|---|---|
| nextcloud server | lt | 20.0.2 | |
| nextcloud server | lt | 19.0.5 | |
| nextcloud server | lt | 18.0.11 |
Related
prion
prion
Format string
2021-02-03 17:15:00
osv
osv
CVE-2020-8294
2021-02-03 17:15:16
nvd
nvd
CVE-2020-8294
2021-02-03 17:15:16
hackerone
hackerone
cve
cve
CVE-2020-8294
2021-02-03 17:15:16
cvelist
cvelist
CVE-2020-8294
2021-02-03 16:42:57
openvas
openvas
Nextcloud Server Multiple Vulnerabilities (NC-SA-2021-001, NC-SA-2021-002)
2021-01-28 00:00:00
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2021:0262-1)
2021-04-16 00:00:00
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2021:1068-1)
2021-07-21 00:00:00
nessus
nessus
openSUSE Security Update : nextcloud (openSUSE-2021-262)
2021-02-09 00:00:00
openSUSE 15 Security Update : nextcloud (openSUSE-SU-2021:1068-1)
2021-07-21 00:00:00
suse
suse
Security update for nextcloud (moderate)
2021-02-11 00:00:00
Security update for nextcloud (moderate)
2021-02-08 00:00:00
Security update for nextcloud (important)
2021-07-21 00:00:00