mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
77 lines
2.5 KiB
JSON
77 lines
2.5 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2019-15619",
|
|
"ASSIGNER": "support@hackerone.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "n/a",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Nextcloud Server",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "16.0.4"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Cross-site Scripting (XSS) - Stored (CWE-79)"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://hackerone.com/reports/662204",
|
|
"url": "https://hackerone.com/reports/662204"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-008",
|
|
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-008"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-009",
|
|
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-009"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-010",
|
|
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-010"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each others in a project."
|
|
}
|
|
]
|
|
}
|
|
} |