FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Nextcloud -- Password share by mail not hashed

Affected packages
nextcloud < 19.0.1

Details

VuXML ID eeec4e6f-fa71-11ea-9bb7-d4c9ef517024
Discovery 2020-06-04
Entry 2020-09-19

The Nextcloud project reports:

NC-SA-2020-026 (low): Password of share by mail is not hashed when given on the create share call
A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call.

[source]

References

CVE Name CVE-2020-8183
URL https://nextcloud.com/security/advisory/?id=NC-SA-2020-026

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.