Contacts only sanitizes PHOTO svg if mime type is all lower case
None
N
Nextcloud
Submitted None
Team Summary
Official summary from Nextcloud
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hxr6-cx85-gcjx
Actions:
Reported by
christophwurst
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Generic