CVE-2020-8227

Summary

Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory.

Affected Software

VendorProductVersion RangeStatus
n/aDesktop Client2.6.5affected

Weaknesses

  • CWE-22: Path Traversal (CWE-22)

ADP Enrichment

CVE Program Container

Additional References

References