Lucene search
GoogleOSV:CVE-2021-39225HistoryOct 25, 2021 - 10:15 p.m.
CVE-2021-39225
2021-10-2522:15:07
Google
osv.dev
9
nextcloud
deck
permission
vulnerability
upgrade
Nextcloud is an open-source, self-hosted productivity platform. A missing permission check in Nextcloud Deck before 1.2.9, 1.4.5 and 1.5.3 allows another authenticated users to access Deck cards of another user. It is recommended that the Nextcloud Deck App is upgraded to 1.2.9, 1.4.5 or 1.5.3. There are no known workarounds aside from upgrading.
Related
cvelist
cvelist
CVE-2021-39225 Missing permission check on Deck API
2021-10-25 21:40:11
cve
cve
CVE-2021-39225
2021-10-25 22:15:07
nextcloud
nextcloud
Missing permission check on Deck API
2021-10-25 11:13:01
prion
prion
Design/Logic Flaw
2021-10-25 22:15:00
hackerone
hackerone
Nextcloud: Cards in Deck are readable by any user
2021-09-07 11:21:19
nvd
nvd
CVE-2021-39225
2021-10-25 22:15:07
cnvd
cnvd
Nextcloud Deck Access Control Error Vulnerability (CNVD-2021-102877)
2021-10-28 00:00:00