openSUSE Security Update : nextcloud (openSUSE-2018-1487)
Low Nessus Plugin ID 119495
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for nextcloud fixes security issues and bugs.
Security issues fixed :
- CVE-2018-3780: Stored XSS in autocomplete suggestions for file comments (boo#1114817)
This update also contains all bug fixes and improvements in the 13.0.8 version, including :
- Password expiration time changed from 12h to 7d
- Bug fixes to the OAuth brute force protection
- Various other bug fixes and improvements
SolutionUpdate the affected nextcloud package.