CVE-2020-8279
CVE-2020-8279 concerns Nextcloud Social prior to version 0.4.0, where there is missing validation of server certificates for outbound connections. The root cause is that TLS peer verification could be disabled, enabling a man‑in‑the‑middle attack if an attacker could position themselves between t...