Back to search
CVE-2017-0888
Published: Apr 5, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.
| Vendor | Product | Versions |
|---|---|---|
Nextcloud | Nextcloud Server | affected All versions before 9.0.55 and 10.0.2 |
Weaknesses (CWE)
References
https://hackerone.com/reports/179073
x_refsource_MISC
https://nextcloud.com/security/advisory/?id=nc-sa-2017-006
x_refsource_CONFIRM
97491
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now