What the vulnerability does

01Description

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.

Key dates

02Disclosure timeline

April 5, 2017 CVE published
August 5, 2024 Record updated