Vulnerabilities > Nextcloud > Social
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-19 | CVE-2020-8279 | Improper Certificate Validation vulnerability in Nextcloud Social Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0 allowed a man-in-the-middle attack. | 5.8 |
| 2020-11-19 | CVE-2020-8278 | Incorrect Authorization vulnerability in Nextcloud Social 0.3.1 Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user. | 5.0 |