AI Score
Confidence
Low
EPSS
Percentile
33.0%
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token.
hackerone.com/reports/218876
nextcloud.com/security/advisory/?id=nc-sa-2017-011