← back
CVE-2017-0888

CVE-2017-0888

EPSS 1.5%CWE-451
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.
Affected products
Nextcloud · Nextcloud Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://hackerone.com/reports/179073https://nextcloud.com/security/advisory/?id=nc-sa-2017-006http://www.securityfocus.com/bid/97491