4 matches found
Nextcloud OfficeOnline Information Disclosure Vulnerability
Nextcloud is an open source, self-hosted file synchronization and sharing communications application platform from Nextcloud Germany. nextcloud OfficeOnline applications prior to version 1.1.1 are vulnerable to an information disclosure vulnerability in which the vulnerable application returns...
CVE-2021-39224
Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud OfficeOnline application prior to version 1.1.1 returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. e.g. an attacker could see that the file shared.txt is locat...
CVE-2021-39224
CVE-2021-39224 affects the Nextcloud OfficeOnline application prior to version 1.1.1, where verbatim exception messages could disclose full paths of shared files (e.g., /files/$username/...). The vulnerability is an information disclosure issue in OfficeOnline within Nextcloud. Remediation as doc...
CVE-2021-32734
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. The issu...