4969 matches found
CVE-2020-8189
A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html including local links when responding with invalid data on the login attempt...
DEBIAN-CVE-2020-8189
A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html including local links when responding with invalid data on the login attempt...
CVE-2020-8227
Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...
DEBIAN-CVE-2020-8227
Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...
CVE-2020-8189
A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html including local links when responding with invalid data on the login attempt...
CVE-2020-8227
Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...
Cross site scripting
A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html including local links when responding with invalid data on the login attempt...
Directory traversal
Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...
UBUNTU-CVE-2020-8227
Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...
UBUNTU-CVE-2020-8189
A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html including local links when responding with invalid data on the login attempt...
CVE-2020-8189
CVE-2020-8189 affects Nextcloud Desktop Sync client (Nextcloud Desktop client) 2.6.4, where an XSS on the login response could render arbitrary HTML, including local links. Root cause: cross-site scripting in the login handling. Impact stated in connected docs: ability to present HTML content in ...
CVE-2020-8189
A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html including local links when responding with invalid data on the login attempt...
CVE-2020-8189
A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html including local links when responding with invalid data on the login attempt...
CVE-2020-8227
Nextcloud Desktop Client for Linux (2.6.4) is affected. The root cause is missing sanitization of a server response, which allows a malicious Nextcloud Server to store files outside the dedicated sync directory (directory traversal). Impact is potential leakage/exfiltration of files outside the s...
CVE-2020-8227
Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...
CVE-2020-8227
Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...
PT-2020-20039 · Nextcloud · Nextcloud Desktop Client
Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop Client version 2.6.4 Description: The issue is related to missing sanitization of a server response in the Nextcloud Desktop Client, which allows a malicious Nextcloud Server to store files outside of the dedicated sync...
PT-2020-20013 · Nextcloud +1 · Nextcloud Desktop Client +1
Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop client version 2.6.4 Description: A cross-site scripting error in the Nextcloud Desktop client allowed an attacker to present any HTML, including local links, when responding with invalid data on a login attempt...
Nextcloud: Denial of Service when entring an Array in email at seetings
in settings https://demo2.nextcloud.com/index.php/settings/users/TweLbFT93aqRnEfF/settings when you submit the request with email value Array the server return 500 Internal Server Error Poc video: F954435 Impact denial a service attack on the server. This may lead to the website becoming slow or...
NextCloud Desktop Client Buffer Overflow Vulnerability
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A buffer overflow vulnerability exists in NextCloud Desktop Client version v2.6.4. The vulnerability stems from a network system or product performing...