A vulnerability was found in Nextcloud Text up to 19.0.12/20.0.10/21.0.2 (Cloud Software). It has been classified as problematic. This affects some unknown processing of the component Markdown Handler. Upgrading to version 19.0.13, 20.0.11 or 21.0.3 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
Nextcloud Text up to 19.0.12/20.0.10/21.0.2 Markdown cross site scripting
- Virtual Patching
- July 13, 2021
- 7:04 am
Contact us to get started
CVE-2022-22486 : IBM TIVOLI WORKLOAD SCHEDULER 9.4/9.5/10.1 XML EXTERNAL ENTITY REFERENCE
Description IBM Tivoli Workload Scheduler 9.4, 9.5, and 10.1 is vulnerable to an XML External Entity Injection (XXE) attack when
CVE-2023-24997 : APACHE INLONG UP TO 1.5.0 DESERIALIZATION
Description Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0.
CVE-2022-37708 : DOCKER 20.10.15 BUILD FD82621 PERMISSION
Description Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users outside the Docker container can access any