Описание
Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications.
Ссылки
- Permissions RequiredThird Party Advisory
- Vendor Advisory
- Permissions RequiredThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.24.0 (исключая)
cpe:2.3:a:nextcloud:nextcloud:*:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 71%
0.00662
Низкий
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-657
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications.
EPSS
Процентиль: 71%
0.00662
Низкий
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-657
NVD-CWE-Other