severity_rating: low created_at: 2018-09-01 06:36:58 vendor: nextcloud https://hackerone.com/nextcloud bounty_amount:

Hi Security Team,

Url : https://apps.nextcloud.com/static/assets/
Dork : site:nextcloud.com intitle:index.of

Hello I am Ismail Tasdelen. I was testing directory security and I saw many directories open.

Thanks

Impact

A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers. This is a motive source for attackers.