Description
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. The exception message displayed on the DAV endpoints contained partially user-controllable input leading to a potential misrepresentation of information.
Remediation
References
Related Vulnerabilities
Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2019-1068)
WordPress Plugin WPPizza Cross-Site Scripting (2.11.8.17)
WordPress Plugin Simple Download Monitor Multiple Cross-Site Request Forgery Vulnerabilities (3.9.8)
WordPress Plugin Slimstat Analytics SQL Injection (3.9.5)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-0195)