Vulnerabilities > Nextcloud > Contacts > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-30 CVE-2023-33182 Unspecified vulnerability in Nextcloud Contacts
Contacts app for Nextcloud easily syncs contacts from various devices with your Nextcloud and allows editing.
network
low complexity
nextcloud
4.3
2020-07-10 CVE-2020-8181 Unrestricted Upload of File with Dangerous Type vulnerability in Nextcloud Contacts
A missing file type check in Nextcloud Contacts 3.2.0 allowed a malicious user to upload any file as avatars.
network
low complexity
nextcloud CWE-434
4.3
2018-07-05 CVE-2018-3764 Cross-site Scripting vulnerability in Nextcloud Contacts
In Nextcloud Contacts before 2.1.2, a missing sanitization of search results for an autocomplete field could lead to a stored XSS requiring user-interaction.
network
low complexity
nextcloud CWE-79
4.8