CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8281

A missing file type check in Nextcloud Contacts 3.3.0 allows a malicious user to upload malicious SVG files to perform cross-site scripting (XSS) attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.5%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2020-8281

Nextcloud » Contacts » Version: 2.0.0

cpe:2.3:a:nextcloud:contacts:2.0.0
Nextcloud » Contacts » Version: 2.0.1

cpe:2.3:a:nextcloud:contacts:2.0.1
Nextcloud » Contacts » Version: 2.1.0

cpe:2.3:a:nextcloud:contacts:2.1.0
Nextcloud » Contacts » Version: 2.1.1

cpe:2.3:a:nextcloud:contacts:2.1.1
Nextcloud » Contacts » Version: 2.1.2

cpe:2.3:a:nextcloud:contacts:2.1.2
Nextcloud » Contacts » Version: 2.1.3

cpe:2.3:a:nextcloud:contacts:2.1.3
Nextcloud » Contacts » Version: 2.1.4

cpe:2.3:a:nextcloud:contacts:2.1.4
Nextcloud » Contacts » Version: 2.1.5

cpe:2.3:a:nextcloud:contacts:2.1.5
Nextcloud » Contacts » Version: 2.1.6

cpe:2.3:a:nextcloud:contacts:2.1.6
Nextcloud » Contacts » Version: 2.1.7

cpe:2.3:a:nextcloud:contacts:2.1.7
Nextcloud » Contacts » Version: 2.1.8

cpe:2.3:a:nextcloud:contacts:2.1.8
Nextcloud » Contacts » Version: 3.0.0

cpe:2.3:a:nextcloud:contacts:3.0.0
Nextcloud » Contacts » Version: 3.0.1

cpe:2.3:a:nextcloud:contacts:3.0.1
Nextcloud » Contacts » Version: 3.0.2

cpe:2.3:a:nextcloud:contacts:3.0.2
Nextcloud » Contacts » Version: 3.0.3

cpe:2.3:a:nextcloud:contacts:3.0.3
Nextcloud » Contacts » Version: 3.0.4

cpe:2.3:a:nextcloud:contacts:3.0.4
Nextcloud » Contacts » Version: 3.0.5

cpe:2.3:a:nextcloud:contacts:3.0.5
Nextcloud » Contacts » Version: 3.1.0

cpe:2.3:a:nextcloud:contacts:3.1.0
Nextcloud » Contacts » Version: 3.1.1

cpe:2.3:a:nextcloud:contacts:3.1.1
Nextcloud » Contacts » Version: 3.1.2

cpe:2.3:a:nextcloud:contacts:3.1.2
Nextcloud » Contacts » Version: 3.1.3

cpe:2.3:a:nextcloud:contacts:3.1.3
Nextcloud » Contacts » Version: 3.1.4

cpe:2.3:a:nextcloud:contacts:3.1.4
Nextcloud » Contacts » Version: 3.1.5

cpe:2.3:a:nextcloud:contacts:3.1.5
Nextcloud » Contacts » Version: 3.1.6

cpe:2.3:a:nextcloud:contacts:3.1.6
Nextcloud » Contacts » Version: 3.1.7

cpe:2.3:a:nextcloud:contacts:3.1.7
Nextcloud » Contacts » Version: 3.1.8

cpe:2.3:a:nextcloud:contacts:3.1.8
Nextcloud » Contacts » Version: 3.1.9

cpe:2.3:a:nextcloud:contacts:3.1.9
Nextcloud » Contacts » Version: 3.2.0

cpe:2.3:a:nextcloud:contacts:3.2.0
Nextcloud » Contacts » Version: 3.3.0

cpe:2.3:a:nextcloud:contacts:3.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8281

Products

Pricing

Contact Us