Skip to main content

Social

2 CVEs product

Monthly

CVE-2020-8279 HIGH POC This Week

Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0 allowed a man-in-the-middle attack. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Nextcloud Information Disclosure Social
NVD
CVSS 3.1
7.4
EPSS
0.6%
CVE-2020-8278 MEDIUM POC This Month

Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Nextcloud Authentication Bypass Social
NVD
CVSS 3.1
5.3
EPSS
1.0%
EPSS 1% CVSS 7.4
HIGH POC This Week

Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0 allowed a man-in-the-middle attack. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Nextcloud Information Disclosure Social
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Nextcloud Authentication Bypass Social
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy