The __Host prefix mitigates cookie injection vulnerabilities within potential third-party software sharing the same second level domain. It is an additional hardening on top of 'normal' same-site cookies


#1

Hello can someone help me with this error i get on the page https://scan.nextcloud.com/

The __Host prefix mitigates cookie injection vulnerabilities within potential third-party software sharing the same second level domain. It is an additional hardening on top of ‘normal’ same-site cookies.

What i can do to fix this error ?

Also it’s telling me that im not running the latest version

Running Nextcloud 13.0.4.0
NOT on latest patch level

How we patch it ?

Thanks !


#2

Hello anyone ? :slight_smile:


#3

According to https://nextcloud.com/changelog/ 13.0.5 was released on 23. July. It usually takes some time until this version is available through standard channels. It takes some additional time until the updated app is available for UCS.
Regarding the mentioned error I would rather check help.nextcloud.com, for example https://help.nextcloud.com/t/security-scan---host-prefix/9785/14.

hth,
Dirk


#4

ha ok sorry im new to all this so im learning :slight_smile:

Once the update will be available normally how we do the update ?

Thanks for your help !


#5

Updates for apps installed through the Appcenter will be shown in addition to the updates of the system itself if you look at the updater module in the UMC. The Appcenter will also show a modified icon for installed apps with available updates.


#6

Ok thans for your help !