CVE-2020-8180

Summary

A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by an administrator.

Affected Software

VendorProductVersion RangeStatus
n/aNextcloud TalkFixed in >= 8.0.8affected

Weaknesses

  • CWE-94: Code Injection (CWE-94)

ADP Enrichment

CVE Program Container

Additional References

References