2 matches found
CVE-2020-8181
A missing file type check in Nextcloud Contacts 3.2.0 allowed a malicious user to upload any file as avatars...
CVE-2020-8181
CVE-2020-8181 affects Nextcloud Contacts 3.2.0. A missing file type check in the avatar upload feature allows uploading arbitrary files, as confirmed by multiple sources (Nextcloud advisory NC-SA-2020-024; Red Hat/CVE mapping; CNVD/NVD entries; HackerOne report). Consequences include potential up...