Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-22879 - log back

CVE-2021-22879 edited at 13 Apr 2021 08:42:09

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Arbitrary code execution

Description

+	Missing validation of URLs in Nextcloud Desktop Client 3.1.2 and earlier allowed a malicious server to execute code on the client. User interaction was required.

References

+	https://nextcloud.com/security/advisory/?id=nC-SA-2021-008
+	https://hackerone.com/reports/1078002

Notes

CVE-2021-22879 created at 13 Apr 2021 08:40:59