4 matches found
Malicious code in spid-sharing-panel (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c50247128ddc6b0f537f31cc3dc2ab87a15e41c40657a63a978fa0037bd8f1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10864 Malicious code in spid-sharing-panel (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c50247128ddc6b0f537f31cc3dc2ab87a15e41c40657a63a978fa0037bd8f1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Code injection
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.11, 20.0.10, and 21.0.2, an attacker is able to convert a Files Drop link to a federated share. This causes an issue on the UI side of the sharing user. When the sharing user opens the sharing panel and...
CVE-2021-32655 Files Drop public link can be added as federated share
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.11, 20.0.10, and 21.0.2, an attacker is able to convert a Files Drop link to a federated share. This causes an issue on the UI side of the sharing user. When the sharing user opens the sharing panel and...