CVE-2017-0894
N/A
N/A
Summary
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Nextcloud | Nextcloud Server | before 11.0.3 | affected |
Weaknesses
- CWE-285: Information Exposure Through Directory Listing (CWE-285)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.