A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack.
The product does not validate, or incorrectly validates, a certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Nextcloud_mail | Nextcloud | * | 1.1.4 (excluding) |