Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2022-24906
HistoryMay 20, 2022 - 4:15 p.m.

CVE-2022-24906

2022-05-2016:15:09
Google
osv.dev
7
nextcloud
deck
application path
unauthorized users
upgrade
software
cve-2022-24906

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

35.3%

JSON

Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaround available.

Related

cvelist 1
cve 1
nvd 1
hackerone 1
nextcloud 1
prion 1
cvelist
cvelist
CVE-2022-24906 Error in deleting deck cards attachment reveals the full application path in Nextcloud Deck
2022-05-20 15:40:17
cve
cve
CVE-2022-24906
2022-05-20 16:15:09
nvd
nvd
CVE-2022-24906
2022-05-20 16:15:09
hackerone
hackerone
Nextcloud: Error in Deleting Deck cards attachment reveals the full path of the website
2021-09-29 07:58:44
nextcloud
nextcloud
Error in deleting deck cards attachment reveals the full application path
2022-05-20 08:04:53
prion
prion
Path traversal
2022-05-20 16:15:00

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

35.3%

JSON
Related for OSV:CVE-2022-24906
cvelist1cve1nvd1hackerone1nextcloud1prion1