CRITICAL🇵🇱 Wersja polska

CVE-2019-5454

CVSS 9.8v3.1pub. 2019-07-30upd. 2024-11-21

SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Nextcloud

    APP
    Nextcloud
    1.0.01.0.11.1.01.2.01.3.01.3.11.4.01.4.11.4.21.4.32.0.02.0.13.0.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2021-43863HIGH7.5ten sam produkt

The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcl...

CVE-2023-49790MEDIUM4.3ten sam produkt

The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platfor...

CVE-2023-28999MEDIUM6.9ten sam produkt

Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud An...

CVE-2023-28646MEDIUM4.4ten sam produkt

Nextcloud android is an android app for interfacing with the nextcloud home server ecosystem. In versions from...

CVE-2023-28647MEDIUM4.4ten sam produkt

Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions pri...