Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an application specific password without permission to the files access to the users file.
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
Link | Tags |
---|---|
https://hackerone.com/reports/191979 | third party advisory |
https://nextcloud.com/security/advisory/?id=nc-sa-2017-009 | patch vendor advisory broken link |