Nextcloud: >> Nextcloud Server >> 15.0.10 Security Vulnerabilities
Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each others in a project.
CVSS Score
4.8
EPSS Score
0.003
Published
2020-02-04
A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.
CVSS Score
8.0
EPSS Score
0.003
Published
2020-02-04
Page 7