Unrated severityNVD Advisory· Published Feb 4, 2020· Updated Aug 5, 2024
CVE-2019-15618
CVE-2019-15618
Description
Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting the updater from a malicious location.
Affected products
1- Range: 15.0.6
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- hackerone.com/reports/515484mitrex_refsource_MISC
- nextcloud.com/security/advisory/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.