cve/CVE-2016-9467.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to display an attacker-controlled error message to the user.

POC

Reference

768221fcf3
768221fcf3
https://hackerone.com/reports/154827
https://hackerone.com/reports/154827

Github

No PoCs found on GitHub currently.

1.2 KiB Raw Blame History

CVE-2016-9467

Description

POC

Reference

Github

1.2 KiB

Raw Blame History