cve/2019/CVE-2019-15623.md

### [CVE-2019-15623](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15623)
![](https://img.shields.io/static/v1?label=Product&message=Nextcloud%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Privacy%20Violation%20(CWE-359)&color=brighgreen)

### Description

Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.

### POC

#### Reference
- https://hackerone.com/reports/508490

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-15623](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15623)`
			`![](https://img.shields.io/static/v1?label=Product&message=Nextcloud%20Server&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Privacy%20Violation%20(CWE-359)&color=brighgreen)`

			`### Description`

			`Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.`

			`### POC`

			`#### Reference`
			`- https://hackerone.com/reports/508490`

			`#### Github`
			`No PoCs found on GitHub currently.`