CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
47.2%
An attacker would be able to see videos on a call in a public conversation after being removed from that conversation, provided that they were removed while being in the call.
It is recommended that the Nextcloud Talk is upgraded to 12.2.8, 13.0.10, 14.0.6 or 15.0.0
No workaround available
If you have any questions or comments about this advisory: