cve/2017/CVE-2017-0885.md

CVE-2017-0885

Description

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of file in write-only share. Due to an error in the application logic an adversary with access to a write-only share may enumerate the names of existing files and subfolders by comparing the exception messages.

POC

Reference

• https://hackerone.com/reports/174524

Github

No PoCs found on GitHub currently.