Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
%20-%20Reflected%20(CWE-79)&color=brightgreen)
Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting the updater from a malicious location.
- https://hackerone.com/reports/515484
No PoCs found on GitHub currently.