← Back to CVE List
CVE-2020-8280
Published:
2021-01-06T21:15Z
Last Modified:
2024-11-21T05:38Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
A missing file type check in Nextcloud Contacts 3.4.0 allows a malicious user to upload SVG files as PNG files to perform cross-site scripting (XSS) attacks. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt