2 matches found
CVE-2020-8279
Missing validation of server certificates for out-going connections in Nextcloud Social 0.4.0 allowed a man-in-the-middle attack...
CVE-2020-8279
CVE-2020-8279 concerns Nextcloud Social prior to version 0.4.0, where there is missing validation of server certificates for outbound connections. The root cause is that TLS peer verification could be disabled, enabling a man‑in‑the‑middle attack if an attacker could position themselves between t...