CVE-2019-15623

Summary

Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.

Affected Software

VendorProductVersion RangeStatus
n/aNextcloud Server16.0.1affected

Weaknesses

  • CWE-359: Privacy Violation (CWE-359)

ADP Enrichment

CVE Program Container

Additional References

References