Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/97491 | Third Party Advisory VDB Entry |
https://hackerone.com/reports/179073 | Third Party Advisory |
https://nextcloud.com/security/advisory/?id=nc-sa-2017-006 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
06 Oct 2022, 18:21
Type | Values Removed | Values Added |
---|---|---|
References | (BID) http://www.securityfocus.com/bid/97491 - Third Party Advisory, VDB Entry |
27 Sep 2022, 14:04
Type | Values Removed | Values Added |
---|---|---|
First Time |
Nextcloud nextcloud Server
|
|
CPE | cpe:2.3:a:nextcloud:nextcloud_server:10.0.2:*:*:*:*:*:*:* |
Information
Published : 2017-04-05 20:59
Updated : 2023-12-10 12:01
NVD link : CVE-2017-0888
Mitre link : CVE-2017-0888
CVE.ORG link : CVE-2017-0888
JSON object : View
Products Affected
nextcloud
- nextcloud_server
- nextcloud