4.6 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
15.7%
A vulnerability in the Notes file of the distraction-free note-taking app for Nextcloud is related to the
The ability to share a Notes folder with a new user before they are logged in. Exploitation
of the vulnerability could allow an attacker acting remotely to gain access to sensitive
information
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | nextcloud-app-notes | <= 4.9.3-1 | UNKNOWN |
4.6 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
15.7%