Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.
Weakness: Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
This section is open source, for any additional information that enhances or clarifies the official advisory above.
Exploits for CVE-2020-8179 are not publicly available.
Nextcloud: Access Control: Inject tasks into other users decks
submitted by dedoc 9 months ago
publicly disclosed 26 days ago