CVE-2016-9467 (GCVE-0-2016-9467)
Vulnerability from cvelistv5
Published
2017-03-28 02:46
Modified
2024-08-06 02:50
Severity ?
CWE
  • CWE-451 - User Interface (UI) Misrepresentation of Critical Information ()
Summary
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to display an attacker-controlled error message to the user.
References
support@hackerone.com https://github.com/nextcloud/server/commit/1352365e8bf5ea49da3dc82b1ccf7ddb659ae960 Issue Tracking, Patch, Third Party Advisory
support@hackerone.com https://github.com/nextcloud/server/commit/5dd211cc8845fd4533966bf8d7a7f2a6359ea013 Issue Tracking, Patch, Third Party Advisory
support@hackerone.com https://github.com/nextcloud/server/commit/778ae8abd54c378fc4781394bbedc7a2ee3095e1 Issue Tracking, Patch, Third Party Advisory
support@hackerone.com https://github.com/nextcloud/server/commit/c3ae21fef2880c9fe44e8fdbe1262ac7f9716f14 Issue Tracking, Patch, Third Party Advisory
support@hackerone.com https://github.com/nextcloud/server/commit/df50e967dbd27b13875625b7dd3189294619b071 Issue Tracking, Patch, Third Party Advisory
support@hackerone.com https://github.com/nextcloud/server/commit/ed0f0db5fa0aff04594cb0f973ae4c22b17a175a Issue Tracking, Patch, Third Party Advisory
support@hackerone.com https://github.com/owncloud/core/commit/768221fcf3c526c65d85f62b0efa2da5ea00bf2d Issue Tracking, Patch, Third Party Advisory
support@hackerone.com https://github.com/owncloud/core/commit/e7acbce27fa0ef1c6fe216ca67c72d86484919a4 Issue Tracking, Patch, Third Party Advisory
support@hackerone.com https://hackerone.com/reports/154827 Exploit, Third Party Advisory
support@hackerone.com https://nextcloud.com/security/advisory/?id=nc-sa-2016-010 Patch, Vendor Advisory
support@hackerone.com https://owncloud.org/security/advisory/?id=oc-sa-2016-020 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://github.com/nextcloud/server/commit/1352365e8bf5ea49da3dc82b1ccf7ddb659ae960 Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://github.com/nextcloud/server/commit/5dd211cc8845fd4533966bf8d7a7f2a6359ea013 Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://github.com/nextcloud/server/commit/778ae8abd54c378fc4781394bbedc7a2ee3095e1 Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://github.com/nextcloud/server/commit/c3ae21fef2880c9fe44e8fdbe1262ac7f9716f14 Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://github.com/nextcloud/server/commit/df50e967dbd27b13875625b7dd3189294619b071 Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://github.com/nextcloud/server/commit/ed0f0db5fa0aff04594cb0f973ae4c22b17a175a Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://github.com/owncloud/core/commit/768221fcf3c526c65d85f62b0efa2da5ea00bf2d Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://github.com/owncloud/core/commit/e7acbce27fa0ef1c6fe216ca67c72d86484919a4 Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://hackerone.com/reports/154827 Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://nextcloud.com/security/advisory/?id=nc-sa-2016-010 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://owncloud.org/security/advisory/?id=oc-sa-2016-020 Patch, Vendor Advisory
Impacted products
Vendor Product Version
n/a Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 Version: Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:50:38.429Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/nextcloud/server/commit/5dd211cc8845fd4533966bf8d7a7f2a6359ea013"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/nextcloud/server/commit/ed0f0db5fa0aff04594cb0f973ae4c22b17a175a"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-010"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/nextcloud/server/commit/df50e967dbd27b13875625b7dd3189294619b071"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/owncloud/core/commit/768221fcf3c526c65d85f62b0efa2da5ea00bf2d"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/owncloud/core/commit/e7acbce27fa0ef1c6fe216ca67c72d86484919a4"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/nextcloud/server/commit/c3ae21fef2880c9fe44e8fdbe1262ac7f9716f14"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/154827"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/nextcloud/server/commit/1352365e8bf5ea49da3dc82b1ccf7ddb659ae960"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/nextcloud/server/commit/778ae8abd54c378fc4781394bbedc7a2ee3095e1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-020"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Nextcloud Server \u0026 ownCloud Server Nextcloud Server before 9.0.54 and 10.0.1 \u0026 ownCloud Server before 9.0.6 and 9.1.2",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Nextcloud Server \u0026 ownCloud Server Nextcloud Server before 9.0.54 and 10.0.1 \u0026 ownCloud Server before 9.0.6 and 9.1.2"
            }
          ]
        }
      ],
      "datePublic": "2017-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Nextcloud Server before 9.0.54 and 10.0.1 \u0026 ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to display an attacker-controlled error message to the user."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-451",
              "description": "User Interface (UI) Misrepresentation of Critical Information (CWE-451)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-28T02:57:01",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nextcloud/server/commit/5dd211cc8845fd4533966bf8d7a7f2a6359ea013"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nextcloud/server/commit/ed0f0db5fa0aff04594cb0f973ae4c22b17a175a"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-010"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nextcloud/server/commit/df50e967dbd27b13875625b7dd3189294619b071"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/owncloud/core/commit/768221fcf3c526c65d85f62b0efa2da5ea00bf2d"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/owncloud/core/commit/e7acbce27fa0ef1c6fe216ca67c72d86484919a4"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nextcloud/server/commit/c3ae21fef2880c9fe44e8fdbe1262ac7f9716f14"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackerone.com/reports/154827"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nextcloud/server/commit/1352365e8bf5ea49da3dc82b1ccf7ddb659ae960"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/nextcloud/server/commit/778ae8abd54c378fc4781394bbedc7a2ee3095e1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-020"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2016-9467",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Nextcloud Server \u0026 ownCloud Server Nextcloud Server before 9.0.54 and 10.0.1 \u0026 ownCloud Server before 9.0.6 and 9.1.2",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Nextcloud Server \u0026 ownCloud Server Nextcloud Server before 9.0.54 and 10.0.1 \u0026 ownCloud Server before 9.0.6 and 9.1.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Nextcloud Server before 9.0.54 and 10.0.1 \u0026 ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to display an attacker-controlled error message to the user."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "User Interface (UI) Misrepresentation of Critical Information (CWE-451)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/nextcloud/server/commit/5dd211cc8845fd4533966bf8d7a7f2a6359ea013",
              "refsource": "MISC",
              "url": "https://github.com/nextcloud/server/commit/5dd211cc8845fd4533966bf8d7a7f2a6359ea013"
            },
            {
              "name": "https://github.com/nextcloud/server/commit/ed0f0db5fa0aff04594cb0f973ae4c22b17a175a",
              "refsource": "MISC",
              "url": "https://github.com/nextcloud/server/commit/ed0f0db5fa0aff04594cb0f973ae4c22b17a175a"
            },
            {
              "name": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-010",
              "refsource": "MISC",
              "url": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-010"
            },
            {
              "name": "https://github.com/nextcloud/server/commit/df50e967dbd27b13875625b7dd3189294619b071",
              "refsource": "MISC",
              "url": "https://github.com/nextcloud/server/commit/df50e967dbd27b13875625b7dd3189294619b071"
            },
            {
              "name": "https://github.com/owncloud/core/commit/768221fcf3c526c65d85f62b0efa2da5ea00bf2d",
              "refsource": "MISC",
              "url": "https://github.com/owncloud/core/commit/768221fcf3c526c65d85f62b0efa2da5ea00bf2d"
            },
            {
              "name": "https://github.com/owncloud/core/commit/e7acbce27fa0ef1c6fe216ca67c72d86484919a4",
              "refsource": "MISC",
              "url": "https://github.com/owncloud/core/commit/e7acbce27fa0ef1c6fe216ca67c72d86484919a4"
            },
            {
              "name": "https://github.com/nextcloud/server/commit/c3ae21fef2880c9fe44e8fdbe1262ac7f9716f14",
              "refsource": "MISC",
              "url": "https://github.com/nextcloud/server/commit/c3ae21fef2880c9fe44e8fdbe1262ac7f9716f14"
            },
            {
              "name": "https://hackerone.com/reports/154827",
              "refsource": "MISC",
              "url": "https://hackerone.com/reports/154827"
            },
            {
              "name": "https://github.com/nextcloud/server/commit/1352365e8bf5ea49da3dc82b1ccf7ddb659ae960",
              "refsource": "MISC",
              "url": "https://github.com/nextcloud/server/commit/1352365e8bf5ea49da3dc82b1ccf7ddb659ae960"
            },
            {
              "name": "https://github.com/nextcloud/server/commit/778ae8abd54c378fc4781394bbedc7a2ee3095e1",
              "refsource": "MISC",
              "url": "https://github.com/nextcloud/server/commit/778ae8abd54c378fc4781394bbedc7a2ee3095e1"
            },
            {
              "name": "https://owncloud.org/security/advisory/?id=oc-sa-2016-020",
              "refsource": "MISC",
              "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-020"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2016-9467",
    "datePublished": "2017-03-28T02:46:00",
    "dateReserved": "2016-11-19T00:00:00",
    "dateUpdated": "2024-08-06T02:50:38.429Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-9467\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2017-03-28T02:59:01.153\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Nextcloud Server before 9.0.54 and 10.0.1 \u0026 ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to display an attacker-controlled error message to the user.\"},{\"lang\":\"es\",\"value\":\"Nextcloud Server en versiones anteriores a 9.0.54 y 10.0.1y ownCloud Server en versiones anteriores a 9.0.6 y 9.1.2 sufren de contenido de suplantaci\u00f3n en la aplicaci\u00f3n de archivos. La barra de ubicaci\u00f3n en la aplicaci\u00f3n de archivos no estaba verificando los par\u00e1metros pasados. Un atacante podr\u00eda manipular un enlace no v\u00e1lido a una estructura de directorio falsa y usar esto para mostrar un mensaje de error controlado por el atacante al usuario.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"support@hackerone.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-451\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.0.54\",\"matchCriteriaId\":\"D6E3F368-B854-430E-AB8F-496675C4E210\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.1\",\"matchCriteriaId\":\"8288B81D-CA35-46EB-A7E7-B60B193E3F81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.0.6\",\"matchCriteriaId\":\"CA8CCC5C-D019-4A80-BD8D-3914BFFC60C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.1.0\",\"versionEndExcluding\":\"9.1.2\",\"matchCriteriaId\":\"8E9501A9-E507-4A81-954B-D6D3223EE2F8\"}]}]}],\"references\":[{\"url\":\"https://github.com/nextcloud/server/commit/1352365e8bf5ea49da3dc82b1ccf7ddb659ae960\",\"source\":\"support@hackerone.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/5dd211cc8845fd4533966bf8d7a7f2a6359ea013\",\"source\":\"support@hackerone.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/778ae8abd54c378fc4781394bbedc7a2ee3095e1\",\"source\":\"support@hackerone.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/c3ae21fef2880c9fe44e8fdbe1262ac7f9716f14\",\"source\":\"support@hackerone.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/df50e967dbd27b13875625b7dd3189294619b071\",\"source\":\"support@hackerone.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/ed0f0db5fa0aff04594cb0f973ae4c22b17a175a\",\"source\":\"support@hackerone.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/owncloud/core/commit/768221fcf3c526c65d85f62b0efa2da5ea00bf2d\",\"source\":\"support@hackerone.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/owncloud/core/commit/e7acbce27fa0ef1c6fe216ca67c72d86484919a4\",\"source\":\"support@hackerone.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://hackerone.com/reports/154827\",\"source\":\"support@hackerone.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://nextcloud.com/security/advisory/?id=nc-sa-2016-010\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://owncloud.org/security/advisory/?id=oc-sa-2016-020\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/1352365e8bf5ea49da3dc82b1ccf7ddb659ae960\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/5dd211cc8845fd4533966bf8d7a7f2a6359ea013\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/778ae8abd54c378fc4781394bbedc7a2ee3095e1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/c3ae21fef2880c9fe44e8fdbe1262ac7f9716f14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/df50e967dbd27b13875625b7dd3189294619b071\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/nextcloud/server/commit/ed0f0db5fa0aff04594cb0f973ae4c22b17a175a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/owncloud/core/commit/768221fcf3c526c65d85f62b0efa2da5ea00bf2d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/owncloud/core/commit/e7acbce27fa0ef1c6fe216ca67c72d86484919a4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://hackerone.com/reports/154827\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://nextcloud.com/security/advisory/?id=nc-sa-2016-010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://owncloud.org/security/advisory/?id=oc-sa-2016-020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.