Lucene search
Tim CoenNC-SA-2020-010HistoryJul 29, 2019 - 12:00 a.m.
Improper neutralization of item names in projects feature (NC-SA-2020-010)
2019-07-2900:00:00
Tim Coen
nextcloud.com
7
0.001 Low
EPSS
Percentile
38.7%
Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each others in a project.
| CPE | Name | Operator | Version |
|---|---|---|---|
| nextcloud deck | lt | 0.6.6 |
Related
cve
cve
CVE-2019-15619
2020-02-04 20:15:12
prion
prion
Input validation
2020-02-04 20:15:00
nextcloud
nextcloud
Improper neutralization of item names in projects feature (NC-SA-2020-008)
2019-07-29 00:00:00
Improper neutralization of item names in projects feature (NC-SA-2020-009)
2019-07-29 00:00:00
osv
osv
CVE-2019-15619
2020-02-04 20:15:12
cvelist
cvelist
CVE-2019-15619
2020-02-04 19:08:57
nvd
nvd
CVE-2019-15619
2020-02-04 20:15:12
openvas
openvas
Nextcloud Server < 16.0.4 XSS Vulnerability (NC-SA-2020-008)
2020-02-05 00:00:00
hackerone
hackerone
Nextcloud: Persistent XSS via filename in projects
2019-07-28 10:22:56
rosalinux
rosalinux
Advisory ROSA-SA-2021-1983
2021-07-02 18:14:14