Nextcloud server 12.0.5App password scope can be changed for other users
Stored XSS in Gallery application (NC-SA-2017-010)
8th May 2017
Risk level: Low
CVSS v3 Base Score: 3 (AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N)
HackerOne report: 222838
Note that Nextcloud employs a strict Content-Security-Policy preventing exploitation of this XSS issue on modern web browsers.
- Nextcloud Server < 11.0.3 (CVE-2017-0893)
- Nextcloud Server < 10.0.5 (CVE-2017-0893)
- Nextcloud Server < 9.0.58 (CVE-2017-0893)
The vulnerable library has been updated.
The Nextcloud team thanks the following people for their research and responsible disclosure of the above advisory:
- Lukas Reschke - Nextcloud GmbH (email@example.com) - Vulnerability discovery and disclosure.
This advisory is licensed CC BY-SA 4.0.