CVE-2020-8228

A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times...

openSUSE Security Update : nextcloud (openSUSE-2020-1652)

This update for nextcloud fixes the following issues : nextcloud version 20.0.0 fix some security issues : - NC-SA-2020-037 PIN for passwordless WebAuthm is asked for but not verified - NC-SA-2020-033 CVE-2020-8228 Missing rate limit on signup page - NC-SA-2020-029 CVE-2020-8233, boo1177346...

openSUSE: Security Advisory for nextcloud (openSUSE-SU-2020:1652-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-8228

A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times...

CVE-2020-8228

A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times...

CVE-2020-8228

CVE-2020-8228 describes a missing rate limit on the signup page in the Nextcloud Preferred Providers app (version 1.7.0), allowing an attacker to repeatedly set the password. The OpenSUSE security advisory (NC-SA-2020-033) and related OSS notes confirm this CVE and indicate it was addressed in th...