Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML.
References
Link | Resource |
---|---|
https://hackerone.com/reports/631227 | Exploit Third Party Advisory |
Configurations
History
03 Nov 2021, 17:50
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 |
Information
Published : 2019-07-30 21:15
Updated : 2023-12-10 12:59
NVD link : CVE-2019-5450
Mitre link : CVE-2019-5450
CVE.ORG link : CVE-2019-5450
JSON object : View
Products Affected
nextcloud
- nextcloud