Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/nextcloud.com.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/advisories
diff options
context:
space:
mode:
authorJoas Schilling <coding@schilljs.com>2020-02-07 11:46:19 +0300
committerJoas Schilling <coding@schilljs.com>2020-02-07 11:46:19 +0300
commit3201b01718114a1f2a5d8392f8897338ea971abe (patch)
tree703fa5194d285c24bb9d8cc6524c921ce97e1e15 /advisories
parent664517bd0f235b7238dd024d0e47a2d5b8e48162 (diff)
Fix duplicate ID
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'advisories')
-rw-r--r--advisories/advisories.rss12
-rw-r--r--advisories/full-list.php7
-rw-r--r--advisories/nc-sa-2019-018.php36
3 files changed, 49 insertions, 6 deletions
diff --git a/advisories/advisories.rss b/advisories/advisories.rss
index 3d308037..363a480b 100644
--- a/advisories/advisories.rss
+++ b/advisories/advisories.rss
@@ -83,6 +83,12 @@
<guid isPermaLink="true">https://nextcloud.com/security/advisory/?id=nC-SA-2020-001</guid>
<pubDate>Mon, 01 Apr 2019 02:00:00 +0200</pubDate>
</item><item>
+ <title>Server: Reflected XSS in svg logo generation (NC-SA-2019-018)</title>
+ <description>A reflected Cross-Site Scripting vunerability was discovered in the svg generation.&lt;br/&gt;&lt;hr/&gt;&lt;p&gt;&lt;strong&gt;&lt;a href=&quot;https://nextcloud.com/security/advisory/?id=nC-SA-2019-018&quot;&gt;For more information please consult the official advisory.&lt;/a&gt;&lt;/strong&gt;&lt;/p&gt;</description>
+ <link>https://nextcloud.com/security/advisory/?id=nC-SA-2019-018</link>
+ <guid isPermaLink="true">https://nextcloud.com/security/advisory/?id=nC-SA-2019-018</guid>
+ <pubDate>Fri, 02 Aug 2019 14:00:00 +0200</pubDate>
+ </item><item>
<title>iOS App: Login and token disclosure to other Nextcloud services (NC-SA-2019-017)</title>
<description>Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications.&lt;br/&gt;&lt;hr/&gt;&lt;p&gt;&lt;strong&gt;&lt;a href=&quot;https://nextcloud.com/security/advisory/?id=nC-SA-2019-017&quot;&gt;For more information please consult the official advisory.&lt;/a&gt;&lt;/strong&gt;&lt;/p&gt;</description>
<link>https://nextcloud.com/security/advisory/?id=nC-SA-2019-017</link>
@@ -161,11 +167,11 @@
<guid isPermaLink="true">https://nextcloud.com/security/advisory/?id=nC-SA-2019-005</guid>
<pubDate>Fri, 26 Jul 2019 12:00:00 +0200</pubDate>
</item><item>
- <title>Server: Reflected XSS in svg logo generation (NC-SA-2019-004)</title>
- <description>A reflected Cross-Site Scripting vunerability was discovered in the svg generation.&lt;br/&gt;&lt;hr/&gt;&lt;p&gt;&lt;strong&gt;&lt;a href=&quot;https://nextcloud.com/security/advisory/?id=nC-SA-2019-004&quot;&gt;For more information please consult the official advisory.&lt;/a&gt;&lt;/strong&gt;&lt;/p&gt;</description>
+ <title>Android App: Bypass lock protection in Android app (NC-SA-2019-004)</title>
+ <description>Creating a fake multi-account and aborting the process would redirect the user to the default account of the device without asking for the lock pattern if one was set up.&lt;br/&gt;&lt;hr/&gt;&lt;p&gt;&lt;strong&gt;&lt;a href=&quot;https://nextcloud.com/security/advisory/?id=nC-SA-2019-004&quot;&gt;For more information please consult the official advisory.&lt;/a&gt;&lt;/strong&gt;&lt;/p&gt;</description>
<link>https://nextcloud.com/security/advisory/?id=nC-SA-2019-004</link>
<guid isPermaLink="true">https://nextcloud.com/security/advisory/?id=nC-SA-2019-004</guid>
- <pubDate>Fri, 02 Aug 2019 14:00:00 +0200</pubDate>
+ <pubDate>Fri, 26 Jul 2019 12:00:00 +0200</pubDate>
</item><item>
<title>Server: Improper share updates could result in extended data access (NC-SA-2019-003)</title>
<description>A bug could expose more data in reshared link shares than intended by the sharer.&lt;br/&gt;&lt;hr/&gt;&lt;p&gt;&lt;strong&gt;&lt;a href=&quot;https://nextcloud.com/security/advisory/?id=nC-SA-2019-003&quot;&gt;For more information please consult the official advisory.&lt;/a&gt;&lt;/strong&gt;&lt;/p&gt;</description>
diff --git a/advisories/full-list.php b/advisories/full-list.php
index 1412f21c..089a01df 100644
--- a/advisories/full-list.php
+++ b/advisories/full-list.php
@@ -154,17 +154,17 @@
<h3>Nextcloud Server 16.0.2</h3>
<ul>
- <li><a href="/security/advisory/?id=NC-SA-2019-004">Reflected XSS in svg logo generation (NC-SA-2019-004)</a> 2019-08-02</li>
+ <li><a href="/security/advisory/?id=NC-SA-2019-018">Reflected XSS in svg logo generation (NC-SA-2019-018)</a> 2019-08-02</li>
</ul>
<h3>Nextcloud Server 15.0.9</h3>
<ul>
- <li><a href="/security/advisory/?id=NC-SA-2019-004">Reflected XSS in svg logo generation (NC-SA-2019-004)</a> 2019-08-02</li>
+ <li><a href="/security/advisory/?id=NC-SA-2019-018">Reflected XSS in svg logo generation (NC-SA-2019-018)</a> 2019-08-02</li>
</ul>
<h3>Nextcloud Server 14.0.13</h3>
<ul>
- <li><a href="/security/advisory/?id=NC-SA-2019-004">Reflected XSS in svg logo generation (NC-SA-2019-004)</a> 2019-08-02</li>
+ <li><a href="/security/advisory/?id=NC-SA-2019-018">Reflected XSS in svg logo generation (NC-SA-2019-018)</a> 2019-08-02</li>
</ul>
<h3>Android App 3.7.0</h3>
@@ -181,6 +181,7 @@
<ul>
<li><a href="/security/advisory/?id=NC-SA-2019-011">Query restriction bypass on exposed FileContentProvider in Android app (NC-SA-2019-011)</a> 2019-07-26</li>
<li><a href="/security/advisory/?id=NC-SA-2019-008">Bypass lock protection in Android app (NC-SA-2019-008)</a> 2019-07-26</li>
+ <li><a href="/security/advisory/?id=NC-SA-2019-004">Bypass lock protection in Android app (NC-SA-2019-004)</a> 2019-07-26</li>
</ul>
<h3>Android App 3.3.0</h3>
diff --git a/advisories/nc-sa-2019-018.php b/advisories/nc-sa-2019-018.php
new file mode 100644
index 00000000..c67d429c
--- /dev/null
+++ b/advisories/nc-sa-2019-018.php
@@ -0,0 +1,36 @@
+<div class="row page-content-header">
+<div class="col-md-12">
+ <h1>Security Advisory</h1>
+ <a href="/security/advisories/">Back to advisories</a>
+</div>
+</div>
+<div class="row">
+ <div class="col-md-12">
+ <h2>Reflected XSS in svg logo generation (NC-SA-2019-018)</h2>
+ <p>2nd August 2019</p>
+ <p>Risk level: <strong>Low</strong></p>
+ <p>CVSS v3 Base Score: 6.5 (<a href="https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N">AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N</a>)</p>
+ <p>CWE: <a href="https://cwe.mitre.org/data/definitions/79.html">Cross-site Scripting (XSS) - Reflected (CWE-79)</a></p>
+ <p>HackerOne report: <a href="https://hackerone.com/reports/605915">605915</a></p>
+ <h3>Description</h3>
+ <p>A reflected Cross-Site Scripting vunerability was discovered in the svg generation.</p>
+ <h3>Affected Software</h3>
+ <ul>
+ <li>Nextcloud Server &lt; <strong>16.0.2</strong> (CVE-2020-8120)</li>
+<li>Nextcloud Server &lt; <strong>15.0.9</strong> (CVE-2020-8120)</li>
+<li>Nextcloud Server &lt; <strong>14.0.13</strong> (CVE-2020-8120)</li>
+
+ </ul>
+ <h3>Action Taken</h3>
+ <p>The error has been fixed.</p>
+ <h3>Resolution</h3>
+ <p>It is recommended that all instances are upgraded to Nextcloud 16.0.2, 15.0.9 or 14.0.13.</p>
+ <h3>Acknowledgements</h3>
+ <p>The Nextcloud team thanks the following people for their research and responsible disclosure of the above advisory:</p>
+ <ul>
+ <li><a href="https://frederik-braun.com" target="_blank" rel="noreferrer">Frederik Braun - Vulnerability discovery and disclosure.</a></li>
+ </ul>
+ <br/>
+ <small style="color:grey">This advisory is licensed <a href="https://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA 4.0</a>.</small>
+ </div>
+</div>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-08 03:07:23 +0300