Vulnerabilities (CVE)

Filtered by vendor Nextcloud Subscribe
Filtered by product Social
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-8279 1 Nextcloud 1 Social 2024-11-21 5.8 MEDIUM 7.4 HIGH
Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0 allowed a man-in-the-middle attack.
CVE-2020-8278 1 Nextcloud 1 Social 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user.