Content spoofing in cloud.nextcloud.com
N
Nextcloud
Submitted None
Team Summary
Official summary from Nextcloud
@ahsantahir reported a content spoofing vulnerability in cloud.nextcloud.com caused by it's Apache configuration. This has been changed by adding the following to the Apache config: ``` ErrorDocument 404 "File not ErrorDocument 403 "Access forbidden." ``` On request of the reporter, this issue is only disclosed limitedly.
Actions:
Reported by
ahsan
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Violation of Secure Design Principles