CVE-2020-8181

Summary

A missing file type check in Nextcloud Contacts 3.2.0 allowed a malicious user to upload any file as avatars.

Affected Software

VendorProductVersion RangeStatus
n/aNextcloud Contact3.3.0affected

Weaknesses

  • CWE-840: Business Logic Errors (CWE-840)

ADP Enrichment

CVE Program Container

Additional References

References