Cross-site Scripting (XSS)

2022-12-0505:27:07

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

cross-site scripting

nextcloud

desktop client

html

injection

vulnerability

software

EPSS

0.001

Percentile

34.1%

JSON

nextcloud-desktop is vulnerable to cross-site scripting. An attacker can inject and execute malicious HyperText Markup Language into the Desktop Client application

References

github.com/nextcloud/desktop/pull/4972

github.com/nextcloud/security-advisories/security/advisories/GHSA-92p9-x79h-2mj8

hackerone.com/reports/1711847

security-tracker.debian.org/tracker/CVE-2022-39333

EPSS

0.001

Percentile

34.1%

JSON

Related for VERACODE:38334