CVE-2020-8293

A missing input validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows users to store unlimited data in workflow rules causing load and potential DDoS on later interactions and usage with those rules.
References
Link Resource
https://hackerone.com/reports/1018146 Third Party Advisory
https://nextcloud.com/security/advisory/?id=NC-SA-2021-001 Broken Link Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*

Information

Published : 2021-01-26 06:16

Updated : 2022-09-27 03:46


NVD link : CVE-2020-8293

Mitre link : CVE-2020-8293

Products Affected
No products.
CWE