GitHub wikis on the following projects
https://github.com/nextcloud/fulltextsearch
https://github.com/nextcloud/nextcloudpi
https://github.com/nextcloud/spreed
https://github.com/nextcloud/ocsms
https://github.com/nextcloud/nextcloud-snap
https://github.com/nextcloud/passman
can be edited by any logged-in user in the system. This poses a security and reputational risk for the company.
Because the wikis listed above can be edited by any person on the internet, a malicious actor can carefully craft a message or note that leads a user to download a malicious component in a way that looks natural, for example:
Please note that the current version is not stable due to the following line:
To ensure that the program won't crash in production, please consider installing this patch http://notsoevil.com.
In case of any further trouble, drop us an email at email@example.com
The user would surely trust the code (provided, of course, that he trusts the company itself), so he will extend this trust to the wiki, consider it safe enough to follow the instructions, and download malware himself.