RSS   Podatności dla 'Officeonline'   RSS

2021-10-25
 
CVE-2021-39224

NVD-CWE-noinfo
 

 
Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud OfficeOnline application prior to version 1.1.1 returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. (e.g. an attacker could see that the file `shared.txt` is located within `/files/$username/Myfolder/Mysubfolder/shared.txt`). It is recommended that the OfficeOnline application is upgraded to 1.1.1. As a workaround, one may disable the OfficeOnline application in the app settings.

 

 >>> Vendor: Nextcloud 18 Produkty
Nextcloud
Nextcloud server
Calendar
TALK
Lookup-server
Server
Circles
DECK
Group folders
Nextcloud mail
Contacts
Preferred providers
Social
Desktop
Richdocuments
MAIL
Officeonline
NEWS


Copyright 2022, cxsecurity.com

 

Back to Top