CVE-2019-15618

Опубликовано: 04 фев. 2020

Источник: debian

Описание

Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting the updater from a malicious location.

Пакет	Статус	Версия исправления	Релиз	Тип
nextcloud-server	itp			package

CVE-2019-15618

CVSS3: 4.8

nvd

около 6 лет назад

Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting the updater from a malicious location.

GHSA-fjhc-75vv-2hgm

github

больше 3 лет назад

Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting the updater from a malicious location.