CVE 2019-15617
A missing check in Nextcloud Server 17.0.0 allowed an attacker to set up a new second factor when trying to login.
See the
CVE page on Mitre.org
for more details.
A missing check in Nextcloud Server 17.0.0 allowed an attacker to set up a new second factor when trying to login.