384 matches found
Contacts - PHOTO svg only sanitized if mime type is all lower case
None...
Command Injection in Appointment Emails for Calendar
None...
Unauthenticated SSRF in 3rd party module "cerdic/csstidy"
None...
Attacker can obtain write access to any federated share/public link
None...
Potential directory traversal in OC\Files\Node\Folder::getFullPath
None...
Default share permissions not respected for federated reshares
None...
Can reshare read&share only folder with more permissions
None...
Blind SSRF via server URL input in the Nextcloud Mail app
None...
Application specific tokens can change their own scope
None...
App pin of the iOS app can be bypassed
None...
DNS pin middleware can be tricked into DNS rebinding allowing SSRF
None...
Issuer not verified from obtained token in user_oidc
None...
Folder names of "File Drop" share accessible
None...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Server
None...
Blind SSRF in the Mail app on avatar endpoint
None...
CSRF vulnerability in Nextcloud Desktop Client on Windows when clicking malicious link
None...
XSS through image upload on contacts using svg file with png extension (NC-SA-2020-044)
A missing file type check in Nextcloud Contacts 3.4.0 allowed a malicious user to upload SVG files as PNG files to perform XSS attacks...
Missing password confirmation when creating app passwords
None...
Advanced permissions not respected when copying entire group folders
None...
Desktop clients misbehaves with end-to-end encryption when the server returns an empty list of metadata keys
None...
Suspicious login app ships old league/flysystem version
None...
Authentication header is passed on by Nextcloud Server due to a vulnerable GuzzleHTTP version
None...
Password reset endpoint is not brute force protected
None...
Deck card reference caching can leak data to unauthorized users
None...
Untrusted Search Path in Nextcloud Desktop Client
None...
Secure view can be bypassed by using internal API endpoint
None...
Document content of files can be obtained through Collabora for files of other users
None...
XSS in Files PDF viewer (NC-SA-2020-019)
An outdated 3rd party library in the Files PDF viewer for Nextcloud Server 18.0.2 caused a Cross-site scripting vulnerability when opening a malicious PDF...
Session Fixation in Nextcloud Talk
None...
User password is available in memory of the PHP process
None...
CSRF protection on user_oidc login returned the expected token in case of an error
None...
Force an admin to install recommended applications
None...
File Drop can be bypassed using Richdocuments app
None...
Open redirect on "Unsupported browser" warning
None...
End-to-End encrypted file-drops can be made inaccessible
None...
Talk app did allow access to sensitive chat messages on lockscreen
None...
Events information leaked with shared calendars on recurrence exceptions
None...
Bruteforce protection can be bypassed with misconfigured proxy
None...
Notes attachment render HTML in preview mode
None...
Server-Side Request Forgery (SSRF) via potential filter bypass with too lax local domain checking
None...
Password disclosure in log file when providing incorrect additional data on initial setup of Mail App
None...
Bypass of password requirements when sharing a folder via the Circles app
None...
Preview generation used third-party library not suited for user-generated content
None...
Second factor not requested after session timeout
None...
User session not correctly destroyed on logout
None...
user_oidc app is missing bruteforce protection
None...
Chat poll data can still be queried from API after purging history of a chat converstion
None...
Previews are accessible without a watermark
None...
Control character filtering misses leading and trailing whitespace in file and folder names
None...
Chat room membership disclosed via autocompletion when not a member yourself
None...