CVE-2019-15612

Summary

A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the password of the user is reset.

Affected Software

VendorProductVersion RangeStatus
n/aNextcloud Server15.0.3affected

Weaknesses

  • CWE-384: Session Fixation (CWE-384)

ADP Enrichment

CVE Program Container

Additional References

References