![]() ![]() It is recommended that the Nextcloud Talk Android app is upgraded to 15.0.2. There are currently no known workarounds available. To exploit this the attacker needs to have physical access to the target's device. Due to passcode bypass, an attacker is able to access the user's Nextcloud files and view conversations. Talk-Android enables users to have video & audio calls through Nextcloud on Android. However, injections affecting `owncloud_database` remain relevant as of version 3.0. In version 3.0, the `filelist` database was deprecated. Two databases, `filelist` and `owncloud_database`, are affected. This issue can lead to information disclosure. Version 2.21.1 of the ownCloud Android app is vulnerable to SQL injection in `FileContentProvider.kt`. The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. The bypasses may lead to information disclosure when uploading the app’s internal files, and to arbitrary file write when uploading plain text files (although limited by the. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two bypass methods. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |