Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/nextcloud.com.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2018-10-30 14:09:13 +0300
committerGitHub <noreply@github.com>2018-10-30 14:09:13 +0300
commit6d93c1b5e6b97dacb7a73b99c1e3be9ef593ac08 (patch)
tree85abe9188d7f5dcefc0e6112d0fc8735b1c2837f /advisories/nc-sa-2016-002.php
parentee16b310d2eb48f91e09a3c7676c8a6e32f82107 (diff)
parent1915c70314fd6826df261e10b0052d0a353b2e02 (diff)
Merge pull request #987 from nextcloud/update-advisories
Show resolution and remove unneeded duplicate paragraph
Diffstat (limited to 'advisories/nc-sa-2016-002.php')
-rw-r--r--advisories/nc-sa-2016-002.php9
1 files changed, 4 insertions, 5 deletions
diff --git a/advisories/nc-sa-2016-002.php b/advisories/nc-sa-2016-002.php
index b6147a8c..d8f47361 100644
--- a/advisories/nc-sa-2016-002.php
+++ b/advisories/nc-sa-2016-002.php
@@ -13,9 +13,7 @@
<p>CWE: <a href="https://cwe.mitre.org/data/definitions/209.html">Cross-Site Scripting Using MIME Type Mismatch (CWE-209)</a></p>
<p>HackerOne report: <a href="https://hackerone.com/reports/146278">146278</a></p>
<h3>Description</h3>
- <p><p>The "download log" functionality in the admin screen is delivering the log in JSON format to the end-user. The file was delivered with an attachment disposition forcing the browser to download the document. However, Firefox running on Microsoft Windows would offer the user to open the data in the browser as HTML document. Thus any injected data in the log would be executed.</p>
-<p>While the document would only be executed locally (thus on another scope) we have decided to fix this to protect our users.</p>
-</p>
+ <p>The "download log" functionality in the admin screen is delivering the log in JSON format to the end-user. The file was delivered with an attachment disposition forcing the browser to download the document. However, Firefox running on Microsoft Windows would offer the user to open the data in the browser as HTML document. Thus any injected data in the log would be executed.While the document would only be executed locally (thus on another scope) we have decided to fix this to protect our users.</p>
<h3>Affected Software</h3>
<ul>
<li>Nextcloud Server &lt; <strong>9.0.52</strong> (CVE-2016-9459)</li>
@@ -25,8 +23,9 @@
</ul>
<h3>Action Taken</h3>
- <p><p>The file is now delivered with a content-type of "application/octet-stream".</p>
-</p>
+ <p>The file is now delivered with a content-type of "application/octet-stream".</p>
+ <h3>Resolution</h3>
+ <p>It is recommended that all instances are upgraded to Nextcloud 9.0.52.</p>
<h3>Acknowledgements</h3>
<p>The Nextcloud team thanks the following people for their research and responsible disclosure of the above advisory:</p>
<ul>