CVE-2020-8118
published 2020-02-04CVE-2020-8118: An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the…
medium5CVSS 3.1
AVNACLPRLUINSCCLINAN
An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nextcloud | nextcloud_server | < 15.0.9 | 15.0.9 |
| nextcloud | nextcloud_server | — | — |
| nextcloud | nextcloud_server | >= 16.0.0 < 16.0.2 | 16.0.2 |
| novell | suse_linux_enterprise_server | — | — |
| opensuse | backports_sle | — | — |