6.6 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.6%
Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link.
lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html
lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html
hackerone.com/reports/619484
nextcloud.com/security/advisory/?id=NC-SA-2020-012