CVE-2019-15611

Summary

Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications.

Affected Software

VendorProductVersion RangeStatus
n/aNextcloud iOS2.23.0affected

Weaknesses

  • CWE-657: Violation of Secure Design Principles (CWE-657)

ADP Enrichment

CVE Program Container

Additional References

References