A wrong check in Nextcloud Server 19 and prior allowed to perform a denial of service attack when resetting the password for a user.
References
Link | Resource |
---|---|
https://hackerone.com/reports/812754 | Exploit Third Party Advisory |
https://nextcloud.com/security/advisory/?id=NC-SA-2021-003 | Vendor Advisory |
Configurations
Information
Published : 2021-01-26 10:16
Updated : 2021-02-02 13:02
NVD link : CVE-2020-8295
Mitre link : CVE-2020-8295
JSON object : View
CWE
CWE-400
Uncontrolled Resource Consumption
Products Affected
nextcloud
- nextcloud_server