Security Advisory – CVE-2019-5450

Product: Nextcloud App on Android
Vendor: Nextcloud GmbH
Vulnerable Version: Nextcloud Android < 3.7.0
Category: Improper Neutralization of Script-Related HTML Tags in a Web Page (CWE-80)
Vendor Notified: 2019-06-28
Patched: 2019-07-09
Researcher(s): Christian Angel
CVE: 2019-5450


Nextcloud is a suite of client-server software for creating and using file hosting services. Its functionality is similar to Dropbox, but unlike Dropbox, Nextcloud does not offer off-premises file storage hosting.


Summary

HTML tags such as <h1>, <small>, <href> and <img> are interpreted as markup rather than displayed as literal text in the Nextcloud client mobile application for Android, which can result in code injection.
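The following is an added illustration of the pattern behind CWE-80 in an Android client, with the vulnerable rendering beside two neutralized forms; it is not code from the Nextcloud app, and the assumption that an untrusted server-supplied string reaches a TextView through Html.fromHtml is mine, since the advisory does not state the exact rendering path.

```java
// Added illustration of CWE-80 in an Android client (not Nextcloud's own code).
// Assumption: an untrusted, server-supplied string (for example a file name or
// a share note) is shown in a TextView.
import android.text.Html;
import android.text.Spanned;
import android.text.TextUtils;
import android.widget.TextView;

public final class UntrustedTextRendering {

    // Vulnerable pattern: the untrusted value is parsed as HTML, so tags such as
    // <h1>, <small>, <a href=...> and <img src=...> are interpreted by the client
    // instead of being displayed literally.
    static void showVulnerable(TextView view, String untrusted) {
        Spanned rendered = Html.fromHtml(untrusted, Html.FROM_HTML_MODE_LEGACY);
        view.setText(rendered);
    }

    // Fix 1: treat the value as plain text. TextView.setText(CharSequence) never
    // parses markup, so a string like "<img src=x>" is shown verbatim.
    static void showAsPlainText(TextView view, String untrusted) {
        view.setText(untrusted);
    }

    // Fix 2: when the value must be embedded in HTML that the app itself builds
    // (a fixed formatting template), neutralize it first. TextUtils.htmlEncode
    // replaces <, >, &, " and ' with character entities, so any tag in the
    // untrusted part survives only as inert text.
    static Spanned wrapInTrustedTemplate(String untrusted) {
        String template = "<b>Shared file:</b> " + TextUtils.htmlEncode(untrusted);
        return Html.fromHtml(template, Html.FROM_HTML_MODE_LEGACY);
    }
}
```

A quick check for either fix is to feed a value containing <h1> or <img> through the display path and confirm the rendered TextView shows the angle brackets literally.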

Proof of Concept

Solution

Update the application to version 3.7.0 or later, which contains the fix.

References

https://hackerone.com/reports/631227

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5450

https://nextcloud.com/security/advisory/?id=NC-SA-2019-009
