CVE-2020-8235
4.3MEDIUMMissing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an attacker to view all attachments.
게시됨: 10/5/2020업데이트됨: 11/21/2024
설명
Missing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an attacker to view all attachments.
AI 분석AI 기반
영향받는 제품
nextclouddeck
1.0.4
참조
- https://hackerone.com/reports/916704ExploitThird Party Advisory
- https://nextcloud.com/security/advisory/?id=NC-SA-2020-036Vendor Advisory
- https://hackerone.com/reports/916704ExploitThird Party Advisory
- https://nextcloud.com/security/advisory/?id=NC-SA-2020-036Vendor Advisory