File Extension-Based Workflow Vulnerability in Nextcloud Server 17.0.1

File Extension-Based Workflow Vulnerability in Nextcloud Server 17.0.1

CVE-2019-15613 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.

Learn more about our Cis Benchmark Audit For Server Software.