An information disclosure vulnerability exists in Nextcloud Richdocuments, an open source self-hosted file synchronization and sharing communication application platform from Nextcloud Germany, which stems from the fact that in the affected version, the Richdocuments OCS endpoint is not rate-limited. An attacker could exploit the vulnerability to enumerate potentially valid sharing tokens.