X-E2EE-SIGNATURE verification can be bypassed, leading to loss of confidentiality of end-to-end encrypted files
Medium
N
Nextcloud
Submitted None
Team Summary
Official summary from Nextcloud
Security advisory at https://github.com/nextcloud/security-advisories/security/advisories/GHSA-r4qc-m9mj-452v
Actions:
Reported by
d-xuan
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Certificate Validation