2020-08-21 20:34:54
hackerone
PUBLISHED
A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html (including local links) when responding with invalid data on the login attempt.