demo.nextcloud.com: Content spoofing due to default Apache Error Page

Disclosed: 2016-08-30 18:40:56 By cutejoker To nextcloud
Unknown
Vulnerability Details
Hello there , your site is vulnerable to phishing the users by this vulnerability. proof of concept https://demo.nextcloud.com///Hello---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------our%20website%20is%20down%20now%20you%20can%20visit%20this%20domain%20mydomain.com%20as%20this%20domain%20doesn't%20exist%20. Thanks !
Actions
View on HackerOne
Report Stats
  • Report ID: 156425
  • State: Closed
  • Substate: resolved
  • Upvotes: 1
Share this report