Nextcloud mail app allows scanning for internal services and servers reachable from within the local network. Upgrade to 1.15.0 or 2.2.2 or disable the app
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
![]() | Blind SSRF via server URL input in the Nextcloud Mail app | 6 Feb 202309:47 | – | nextcloud |
![]() | Nextcloud: Mail app - Blind SSRF via Sierve server fonctionnality and sieveHost parameter | 18 Oct 202219:24 | – | hackerone |
![]() | Nextcloud: Mail app - blind SSRF via imapHost parameter | 15 Oct 202221:08 | – | hackerone |
![]() | Nextcloud: Mail app - blind SSRF via smtpHost parameter | 22 Oct 202211:43 | – | hackerone |
![]() | CVE-2023-23943 | 6 Feb 202321:15 | – | osv |
![]() | CVE-2023-23943 Blind SSRF via server URL input in the Nextcloud Mail app | 6 Feb 202320:18 | – | cvelist |
![]() | CVE-2023-23943 | 6 Feb 202321:15 | – | nvd |
![]() | Design/Logic Flaw | 6 Feb 202321:15 | – | prion |
[
{
"vendor": "nextcloud",
"product": "security-advisories",
"versions": [
{
"version": ">= 2.0.0, < 2.2.2",
"status": "affected"
},
{
"version": "< 1.15.0",
"status": "affected"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo