Potential DDoS when posting long data into workflow validation rules
Medium
N
Nextcloud
Submitted None
Team Summary
Official summary from Nextcloud
A missing input validation in Nextcloud Server 20.0.1 allowed users to store unlimited data in workflow rules causing load and potential DDoS on later interactions and usage with those rules.
Actions:
Reported by
demonia
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Uncontrolled Resource Consumption