Unrated severityNVD Advisory· Published Feb 4, 2020· Updated Aug 4, 2024
CVE-2020-8118
CVE-2020-8118
Description
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- osv-coords4 versionspkg:rpm/opensuse/nextcloud&distro=openSUSE%20Leap%2015.1pkg:rpm/suse/nextcloud&distro=SUSE%20Package%20Hub%2012pkg:rpm/suse/nextcloud&distro=SUSE%20Package%20Hub%2015pkg:rpm/suse/nextcloud&distro=SUSE%20Package%20Hub%2015%20SP1
< 15.0.14-bp151.3.3.1+ 3 more
- (no CPE)range: < 15.0.14-bp151.3.3.1
- (no CPE)range: < 15.0.14-bp151.3.3.1
- (no CPE)range: < 15.0.14-bp151.3.3.1
- (no CPE)range: < 15.0.14-bp151.3.3.1
Patches
Vulnerability mechanics
References
4- lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.htmlmitrevendor-advisoryx_refsource_SUSE
- hackerone.com/reports/427835mitrex_refsource_MISC
- nextcloud.com/security/advisory/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.