Lucene search
Redhat.comRH:CVE-2019-15618HistoryMay 21, 2022 - 12:15 a.m.
CVE-2019-15618
2022-05-2100:15:43
redhat.com
access.redhat.com
14
0.006 Low
EPSS
Percentile
78.7%
Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting the updater from a malicious location.
Related
nessus
nessus
openSUSE Security Update : nextcloud (openSUSE-2020-220)
2020-02-18 00:00:00
suse
suse
Security update for nextcloud (moderate)
2020-02-15 00:00:00
Security update for nextcloud (moderate)
2020-02-17 00:00:00
openvas
openvas
openSUSE: Security Advisory for nextcloud (openSUSE-SU-2020:0220-1)
2020-02-16 00:00:00
Mageia: Security Advisory (MGASA-2020-0099)
2022-01-28 00:00:00
nextcloud
nextcloud
Workflow rules only check the file extension for the mimetype instead of the content (NC-SA-2020-002)
2019-12-04 00:00:00
User IDs and Nextcloud server leaked to Nextcloud Lookup server with disabled settings (NC-SA-2019-016)
2019-06-26 00:00:00
Reflected XSS in redirect of the Updater (NC-SA-2020-007)
2019-03-26 00:00:00
nvd
nvd
prion
prion
Input validation
2020-02-04 20:15:00
Design/Logic Flaw
2020-02-04 20:15:00
Cross site scripting
2020-02-04 20:15:00
cvelist
cvelist
cve
cve
osv
osv
hackerone
hackerone
Nextcloud: Group admins can remove arbitrary data from "data" directory (including admin data)
2019-03-12 15:48:46
Nextcloud: Bypass configured 2FA provider with another provider that can be set up at login
2019-10-25 12:14:03
Nextcloud: 2FA Session not expires after the password reset
2019-01-26 17:24:41
mageia
mageia
Updated nextcloud packages fix security vulnerability
2020-02-25 00:44:46