Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nextcloud Server vulnerable to open redirect on "Unsupported browser" warning
Vulnerability Description
NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. Starting in version 26.0.0 and prior to version 26.0.2, an attacker could supply a URL that redirects an unsuspecting victim from a legitimate domain to an attacker's site. Nextcloud Server and Nextcloud Enterprise Server 26.0.2 contain a patch for this issue. No known workarounds are available.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Nextcloud 输入验证错误漏洞
Vulnerability Description
Nextcloud是德国Nextcloud公司的一套开源的自托管文件同步和共享的通信应用平台。 Nextcloud Server存在输入验证错误漏洞,该漏洞源于允许攻击者将受害者从合法域重定向到攻击者站点的URL。受影响的产品和版本:NxtCloud Server 26.0.0及之前版本,NextCloud Enterprise Server 26.0.0及之前版本。
CVSS Information
N/A
Vulnerability Type
N/A