Nextcloud: SQL injextion via vulnerable doctrine/dbal version
Summary: SQL injection via limit parameter on user facing APIs Steps To Reproduce: Run security scanner: 1. REPORT /remote.php/dav/comments/files/1985 1. XML input oc:filter-comments.oc:limittext was set to 1'" 1. You have an error in your SQL syntax Supporting Material/References: For more detai...