Affected versions are subject to Improper Privilege Management. Metabase is an open source data analytics platform. The only known workaround for this issue is to completely disable the nextcloud mail app. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. Nextcloud mail is an email app for the nextcloud home server platform. There are no known workarounds for this issue. It is recommended that the Nextcloud Mail app is upgraded to 2.2.2. Any attacker or malicious user with access to the database would have access to these user passwords until the OAuth setup has been completed. In versions prior to 2.2.2 user's passwords were stored in cleartext in the database during the duration of OAuth2 setup procedure. D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |