
Ability to control the filename when uploading a logo or favicon on theming

Nextcloud bugbounty CVE-2023-28833
Author: Christian Angel
When uploading a logo or favicon, an attacker can control the filename: the key sent with the upload request is used as the filename, and that key can be modified.

Proof of Concept: #

  1. Go to http://localhost/settings/admin/theming
  2. Upload a logo or favicon
  3. Intercept the request using Burp
  4. Modify the key
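The root cause above is a client-supplied value being used directly as a filename. The following is an added example, not Nextcloud's code and not from the original post, showing that pattern beside a hardened version: the key is checked against an allowlist of known image keys before it is ever turned into a path, and a containment check catches any path that would land outside the upload directory. The allowlist contents, the `UPLOAD_DIR` path and all sample keys are constructed for this example and are not taken from the Nextcloud code base.

```python
import os

# Constructed allowlist of theming image keys for this example; the real
# project's set of accepted keys may differ.
ALLOWED_IMAGE_KEYS = frozenset({"logo", "logoheader", "background", "favicon"})

# Constructed directory that uploaded theming images are written into.
UPLOAD_DIR = "/tmp/theming-example"


def vulnerable_target_path(key: str, upload_dir: str = UPLOAD_DIR) -> str:
    """Mirrors the flaw described in the post: whatever key the client sends
    becomes the filename, so the client decides where the upload is written."""
    return os.path.join(upload_dir, key)


def is_valid_image_key(key: str) -> bool:
    """Exact-match allowlist check. Anything not in the known set is rejected,
    so no sanitising or path-stripping of arbitrary input is needed."""
    return key in ALLOWED_IMAGE_KEYS


def stays_inside(base_dir: str, candidate: str) -> bool:
    """Defence in depth: resolve both paths and confirm the candidate is still
    under base_dir. Catches both '..' segments and absolute paths."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(candidate)
    try:
        return os.path.commonpath([base, target]) == base
    except ValueError:
        # Raised when the paths are on different drives (Windows); treat as outside.
        return False


def hardened_target_path(key: str, upload_dir: str = UPLOAD_DIR) -> str:
    """Only a known key may select the destination file, and the resulting
    path must remain inside the upload directory."""
    if not is_valid_image_key(key):
        raise ValueError(f"unsupported theming image key: {key!r}")
    path = os.path.join(upload_dir, key)
    if not stays_inside(upload_dir, path):
        raise ValueError(f"resolved path escapes upload directory: {path!r}")
    return path


def check_keys(keys):
    """Return {key: accepted?} for a batch of submitted keys, for review."""
    results = {}
    for key in keys:
        try:
            hardened_target_path(key)
            results[key] = True
        except ValueError:
            results[key] = False
    return results


if __name__ == "__main__":
    # Constructed sample keys: two legitimate, two that a server must refuse.
    for key, accepted in check_keys(["logo", "favicon", "evil.php", "../outside"]).items():
        print(f"{key!r}: {'accepted' if accepted else 'rejected'}")
```

The allowlist is the actual fix; the containment check is there so that a future change which relaxes the allowlist cannot silently reintroduce a path that leaves the upload directory.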
