CVE-2020-8223

Summary

A logic error in Nextcloud Server 19.0.0 caused a privilege escalation allowing malicious users to reshare with higher permissions than they got assigned themselves.

Affected Software

VendorProductVersion RangeStatus
n/aNextcloud ServerFixed in 19.0.1affected

Weaknesses

  • CWE-269: Improper Privilege Management (CWE-269)

ADP Enrichment

CVE Program Container

Additional References

References