Content Spoofing/Text Injection - docs.nextcloud.org
Unknown
Vulnerability Details
Issue:
======
Hey, I've found content spoofing also known as "Text Injection" in your sub-domain docs.nextcloud.org
URL:
-------
Here is the malicious URL:
https://docs.nextcloud.org/.htacessCONTENT%20SPOOFING%20BY%20AHSAN
Fix:
Use custom 403 error page which doesn't contain user's text!
I hope you'll fix it soon!
Thanks,
Ahsan Tahir
Actions
View on HackerOneReport Stats
- Report ID: 145850
- State: Closed
- Substate: resolved
- Upvotes: 3