CVE-2017-0895

Summary

Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. Note that no actual content of the calendar and addressbook has been disclosed.

Affected Software

VendorProductVersion RangeStatus
NextcloudNextcloud Serverbefore 10.0.4 and 11.0.2affected

Weaknesses

  • CWE-285: Information Exposure Through Directory Listing (CWE-285)

ADP Enrichment

CVE Program Container

Additional References

References