CVE-2020-8297 is a vulnerability in Nextcloud Deck
Published on February 23, 2021

Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user.

NVD

Weakness Type

What is an Insecure Direct Object Reference / IDOR Vulnerability?

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

CVE-2020-8297 has been classified to as an Insecure Direct Object Reference / IDOR vulnerability or weakness.

Products Associated with CVE-2020-8297

Want to know whenever a new CVE is published for Nextcloud Deck? stack.watch will email you.

Nextcloud Deck

Exploit Probability

EPSS

0.23%

Percentile

45.93%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-8297 is a vulnerability in Nextcloud DeckPublished on February 23, 2021

Weakness Type

What is an Insecure Direct Object Reference / IDOR Vulnerability?

Products Associated with CVE-2020-8297

Exploit Probability

CVE-2020-8297 is a vulnerability in Nextcloud Deck
Published on February 23, 2021