Preços Enterprise

CVE-2020-8235

4.3MEDIUM

Missing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an attacker to view all attachments.

Publicado: 10/5/2020Atualizado: 11/21/2024

Ver no NVD Ver no MITRE

Descrição

Missing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an attacker to view all attachments.

Análise IADesenvolvido por IA

Produtos Afetados

nextclouddeck

1.0.4

Referências

https://hackerone.com/reports/916704
ExploitThird Party Advisory
https://nextcloud.com/security/advisory/?id=NC-SA-2020-036
Vendor Advisory
https://hackerone.com/reports/916704
ExploitThird Party Advisory
https://nextcloud.com/security/advisory/?id=NC-SA-2020-036
Vendor Advisory