Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Nextcloud Server 安全漏洞
Vulnerability Description
Nextcloud是德国Nextcloud公司的一套开源的自托管文件同步和共享的通信应用平台。Nextcloud Server是其中的一个服务器版。 Nextcloud Server 12.0.8之前版本和13.0.3之前版本中存在安全漏洞,该漏洞源于程序没有正确的对OAuth2令牌端点执行身份验证。攻击者可利用该漏洞获取新的令牌。
CVSS Information
N/A
Vulnerability Type
N/A