Lucene search
K

66 matches found

OSV
OSV
added 2021/07/27 9:15 p.m.16 views

CVE-2021-32748

Nextcloud Richdocuments in an open source self hosted online office. Nextcloud uses the WOPI "Web Application Open Platform Interface" protocol to communicate with the Collabora Editor, the communication between these two services was not protected by a credentials or IP check. Whilst this does n...

4.3CVSS6.9AI score
Exploits0References3
Prion
Prion
added 2021/07/27 9:15 p.m.17 views

Design/Logic Flaw

Nextcloud Richdocuments in an open source self hosted online office. Nextcloud uses the WOPI "Web Application Open Platform Interface" protocol to communicate with the Collabora Editor, the communication between these two services was not protected by a credentials or IP check. Whilst this does n...

4CVSS4.6AI score0.00986EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/07/27 9:10 p.m.31 views

CVE-2021-32748 WOPI API not protected by credentials/IP check

Nextcloud Richdocuments in an open source self hosted online office. Nextcloud uses the WOPI "Web Application Open Platform Interface" protocol to communicate with the Collabora Editor, the communication between these two services was not protected by a credentials or IP check. Whilst this does n...

4.3CVSS5AI score0.00986EPSS
Exploits0References3
CVE
CVE
added 2021/07/27 9:10 p.m.84 views

CVE-2021-32748

The CVE-2021-32748 issue affects Nextcloud Richdocuments, where WOPI API calls between Richdocuments and Collabora Editor lacked credentials/IP-based access checks. This allowed bypassing watermarks/download protections configured via File Access Control, though it did not grant access to data un...

4.3CVSS4.6AI score0.00986EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/07/27 12:0 a.m.5 views

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Richdocuments that allows remote attackers to access sensitive information on the target system...

4.3CVSS5.1AI score0.00986EPSS
Exploits0References5
Hacker One
Hacker One
added 2020/12/28 10:33 p.m.31 views

Nextcloud: Database error shown to the user when using a long guest name in richdocuments

When sharing a file to a guest and the file is allow for editing, the user is asked to enter a guestname if you enter a really long value for that name you get a database error that displays sensitive information: An exception occurred while executing 'INSERT INTO...

Exploits0
Rows per page
Query Builder